Russian Cyberspies Target Diplomatic Devices: Microsoft’s Cyber-Espionage Alert
Russian cyberspies are using local ISPs to target foreign embassies in Moscow, intercepting sensitive data through an adversary-in-the-middle attack, warns Microsoft. Dubbed Secret Blizzard, the Kremlin-backed group deploys custom malware to snoop on diplomats’ devices. So, if you’re in Moscow, maybe avoid that Wi-Fi network named “Definitely_Real_Internet.”

Hot Take:
Looks like Russian cyberspies have decided to play peek-a-boo with embassy communications in Moscow. Instead of using traditional spy gadgets like invisible ink or trench coats, they’re opting for the high-tech version of hiding behind the bushes: hijacking local ISPs! Who knew being a diplomat could make you the star of a cyber-espionage thriller?
Key Points:
- Russian cyberspies are exploiting local ISPs to target foreign embassies in Moscow.
- The campaign is linked to the Kremlin-backed group Secret Blizzard, known for cyber-espionage.
- Secret Blizzard employs an adversary-in-the-middle (AiTM) technique to intercept communications.
- The attack involves redirecting devices to a captive portal and deploying ApolloShadow malware.
- Microsoft advises using encrypted tunnels or VPNs to avoid ISP-level interception.