Russian Hackers Exploit False ‘Windows Update’ to Target Government Entities

Russian cybercriminals have been found using a deceptive lure to target Ukrainian government employees with information-stealing malware. Researchers from Ukraine’s Computer Emergency Response Team (CERT-UA) recently uncovered the campaign, which was carried out by Russian state-sponsored hackers, specifically the APT28 threat actor, also known as Fancy Bear.

The attackers sent emails to government employees that masqueraded as legitimate messages from their own IT department. The emails urged recipients to update their Windows devices immediately, citing the need to prevent potential cyberattacks. To appear more credible, the hackers used email addresses that corresponded to actual individuals working within the targeted organizations.