Fake ad targeting foreign diplomats with 'discount' price Credit: Reuters
In 2021, US and UK intelligence agencies identified APT29 as a branch of the Russian Foreign Intelligence Service, SVR.
In April, Polish counterintelligence and cybersecurity authorities warned that the same group had conducted a “large-scale intelligence campaign » against NATO, European Union and African countries.
Researchers at Unit 42 were able to link the fake car ad to SVR because the hackers reused certain tools and techniques that had previously been linked to the spy agency.
A Polish diplomat said he sent the original ad to various embassies in Kiev , and that someone called him back because the price looked “attractive.”
“When I checked, I realized they were talking about a slightly lower price,” the diplomat said.
“Next time I would sell it in Poland”
The SVR hackers appear to have listed the Diplomat's BMW at a lower price of €7,500 (£6,400) in their fake version of the ad in an attempt to entice more people to download malware that would give them remote access to their devices.This software, according to Unit 42, was disguised as a photo album of a used BMW. The report said that attempts to open the photos would have infected the victim's computer.
Twenty-one of the 22 embassies targeted by the hackers and subsequently contacted by Reuters did not provide comment. It is not clear which embassies, if any, were compromised.
A US State Department spokesman said they were “aware of this activity and based on analysis by the Office of Cyber and Technology Security concluded that it did not affect Departmental systems or accounts.”
As for the car, it was still in stock, a Polish diplomat told Reuters: “I might try to sell it in Poland,” he said. “After this situation, I don't want to have any more problems.”
Recent Comments