The American company Palo Alto Networks, dealing with cybersecurity systems, announced the discovery of several cyberattacks by the hacker group APT28, also known as Fancy Bear or Sofacy, allegedly related to Russia.
Palo Alto Networks found a sample of an infected document used in the phishing emails of the group in October and early November this year for “a number of government agencies, including in North America, Europe and the former Soviet Union.” Thus, hackers can get information from the recipient’s computer.
According to the company, ART28 is known for “constant development of its mechanisms”. So Palo Alto Networks noticed that the company started using a program that experts called Cannon. The program is unique in that it has a “low” chance of detection.
In October, the U.S. Department of justice charged with cyber fraud, identity theft, and money laundering to seven Russians. According to the Agency, they are officers of the main intelligence Agency (GRU, now the main Directorate of the General staff of the armed forces). It is alleged that they published the stolen information on behalf of the hacker group Fancy Bear, trying to delegate the efforts of international organizations. According to investigators, the defendants tried to hack networks of anti-doping agencies and organizations, including WADA, USADA, the Sports arbitration court, the international Association of athletics federations, FIFA, and hacked the server of the nuclear company Westinghouse, which supplied fuel for nuclear reactors to Ukraine.