Russian hackers backed by their government, and acting at the behest of its foreign intelligence agency, have had their sights trained on Ukrainian diplomats for the past couple of months. Their mode of attack? An ad for a BMW being sold at a ridiculously cheap price.
The Russian actors behind the campaign were discovered by Palo Alto Networks’ Unit 42 research division, and believe it or not, the ad itself started off as a legitimate listing. Specifically, the ad lists a BMW 5-series sedan located in Kyiv. The flyer first began circulating in mid-April, after a diplomat within the Polish Ministry of Foreign Affairs emailed it to a variety of embassies.
And this is where the Russian hackers went to work: intercepting the flyer, copying it, and embedding it with malicious software before distributing it to other diplomats in the Ukrainian capital. It is believed that 22 diplomats of the approximately 80 foreign missions were targeted.
The Russian hacker collective responsible for the attack is believed to be APT29, or “Cozy Bear”, which is a division within Russia’s foreign intelligence service, the SVR. The hackers are known to intelligence agencies globally for having been involved in numerous high-profile hacking incidents, including breaching the US Democrats’ network and the cybersecurity firm FireEye, among others.
“Diplomatic missions will always be a high-value espionage target,” the Unit 42 report said. “Sixteen months into the Russian invasion of Ukraine, intelligence surrounding Ukraine and allied diplomatic efforts are almost certainly a high priority for the Russian government.”