A state-sponsored hacking operation is targeting diplomats, using a new attack that bundles malware with a legitimate software update.
Uncovered by researchers at ESET, the attacks are targeting embassies and consulates in eastern European post-Soviet states and have been attributed to Turla, a well-known advanced persistent threat group.
The hacking operation has a history of targeting government and diplomatic bodies using watering-hole attacks and spear-phishing campaigns, which often involve the use of false Flash downloads, to infiltrate victim’s systems. Security researchers are still unsure as to how the attackers are bundling their payload alongside a Flash player installer. They note that some private companies have been infected, but that they’re not the main targets of the campaign.
Read more about the campaigns using this attack technique, which have been operational since July 2016, on ZDNet.