cozybear

Latest

  • SARABURI, THAILAND - 2020/06/22: A researcher holds a COVID-19 mRNA vaccine during a news conference at the National Primate Research Center of Chulalongkorn University. Some vaccine candidates are in early stage of development, but 2 candidate vaccines are already in animal evaluation. The mRNA vaccine developed by Chulalongkorn University has proceeded through evaluation in mouse and then in Monkey. Second dose in Monkey is given on June 22, 2020. (Photo by Chaiwat Subprasom/SOPA Images/LightRocket via Getty Images)

    NSA says Russian hackers are trying to steal COVID-19 vaccine research

    by 
    Kris Holt
    Kris Holt
    07.16.2020

    The US, UK and Canada claim Cozy Bear has targeted health care organizations.

  • djedzura

    Dutch intelligence had a front-row seat to Russian DNC hack

    by 
    Jamie Rigg
    Jamie Rigg
    01.26.2018

    Of all the ways Russia attempted to exert influence over the outcome of the 2016 presidential election, the hacking of the Democratic National Committee (DNC) and party officials was arguably one of the most damaging blows to the Clinton campaign. And according to an investigation by Dutch media, the national intelligence agency of the Netherlands, AIVD, watched the whole thing play out. Anonymous American and Dutch sources tell the story of the AIVD infiltrating the computer network of a Moscow university building -- a network which just so happened to be used by Russian hacking group Cozy Bear, aka APT29.

  • LPettet via Getty Images

    Russian hackers are extorting American left-wing groups (updated)

    by 
    Jon Fingas
    Jon Fingas
    03.06.2017

    Russian hackers aren't done trying to influence American politics just because the presidential election is over, if you believe Bloomberg's sources. The news outlet understands that the FBI is investigating "at least a dozen" incidents where Russian hackers tried to blackmail US liberal groups. Typically, the intruders threaten to leak embarrassing emails and documents (complete with proof) unless the group pays the equivalent of tens of thousands of dollars in bitcoins. Some of the groups under fire include Arabella Advisors, which helps investors in liberal causes, as well as the think tank Center for American Progress.

  • Reuters/Lucy Nicholson

    After the election, hackers target think tanks with phishing attacks

    by 
    Richard Lawler
    Richard Lawler
    11.11.2016

    Now that the election is over, the Russian teams of hackers suspected of breaking into the Democratic Party's systems have reportedly launched a new phishing attack on US political think tanks and non-government organizations. Incident response firm Volexity has compiled information on "The Dukes" (aka APT29 or Cozy Bear) that it believes are behind the attacks. This time around, they worked by posing as a Harvard professor, sending links to Microsoft Office Word or Excel documents that contained a macro used to install a malware downloader on that target's computer. Once installed, it downloads a PNG file that has a backdoor embedded via steganography.