Photo: Depositphotos
One of Russia’s most notorious hacker groups, Cozy Bear, linked to Russian intelligence, organised a cyberattack targeting European diplomats. The hackers impersonated one of the largest foreign ministries in the EU, sending fake invitations containing malware. Politico reports this with reference to sources in European cybersecurity services.
The fake messages were sent not only to the MFAs of EU member states, but also to the embassies of third countries located in Europe. The emails contained invitations to allegedly diplomatic events, which were intended to force recipients to download malware.
Cyber sabotage under diplomatic cover
According to Politico’s sources, the attack was carefully planned and looked convincing enough to make diplomats believe it was authentic. Cozy Bear (also known as APT29) specialises in espionage and has a long history of cyberattacks against NATO government agencies.
Kremlin hackers with a history of high-profile attacks
Cozy Bear, which has been linked to Russia’s Foreign Intelligence Service, is behind a number of high-profile cyber operations. In particular, it is believed to be responsible for the hacking of the US Democratic Party’s servers in 2016, as well as for the attack on SolarWinds, which affected numerous US government agencies.
Context: attack on the Czech prime minister’s account
The cyber activity of Russian special services has increased significantly in recent weeks. For example, on 8 April, the account of Czech Prime Minister Petr Fiala on the social network X was hacked. It posted a fake message about an alleged attack by Russian troops on Czech units near the Kaliningrad region.
Incidents of this type demonstrate Russia’s intensified cyber aggression against the EU and NATO countries in the context of the ongoing war in Ukraine. European security services are urging diplomatic institutions to be especially careful with emails, even if they look official.
