Latest in Gear

Image credit: John Greim/LightRocket via Getty Images

Russian hackers are hijacking computers at embassies (updated)

It doesn't appear to be a state-backed campaign.
302 Shares
Share
Tweet
Share
Save

Sponsored Links

John Greim/LightRocket via Getty Images

Russian hackers have apparently launched cyberattacks against embassies, although it might not be the kind of campaign you're expecting. Check Point Research reports that the attackers have attempted to compromise PCs at embassies for countries like Italy, Bermuda and Kenya by tricking officials into loading malware. Most often, they emailed Excel spreadsheets with malicious macros that would hijack a computer using the popular remote access app TeamViewer.

The attackers don't seem to be state-backed, though. They've also attacked government officials at "several" revenue authorities, and Check Point noted that there have been similar campaigns that targeted Russian speakers. At least one of the culprits, nicknamed EvaPiks, has been linked to a hacking forum where card theft was a subject of discussion. The intruders may be "financially motivated" based on this evidence, Check Point said.

As it is, the group is occasionally sloppy. While it planned the campaign and created false documents specific to each target, some parts of the campaign have left the attacker's personal info exposed. If this is a state attack, it wasn't a particularly good one. Not that this is much comfort to victims -- they've had potentially sensitive data exposed to crooks who intend to abuse it.

Update 4/25 1:10PM ET: The initially sourced account of what happened was inaccurate. Check Point tells Engadget that the attackers didn't hit US embassies -- instead, they used the US State Department as a decoy to attack others' embassies. We've updated the article accordingly.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
302 Shares
Share
Tweet
Share
Save

Popular on Engadget

Engadget's Guide to Privacy

Engadget's Guide to Privacy

View
Yamaha updates its THR desktop guitar amps for the first time in years

Yamaha updates its THR desktop guitar amps for the first time in years

View
Facebook’s latest AI experiment helps you pick what to wear

Facebook’s latest AI experiment helps you pick what to wear

View
iFixit's iPhone 11 Pro Max teardown investigates charging rumors

iFixit's iPhone 11 Pro Max teardown investigates charging rumors

View
TiVo wants to make a comeback with $50 Android TV dongle

TiVo wants to make a comeback with $50 Android TV dongle

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr