15. August 2021

This article has been indexed from E Hacking News – Latest Hacker News and IT Security News

For months, the Slovak government has been targeted by a cyber-espionage group associated with a Russian intelligence agency, Slovak security companies ESET and IstroSec stated this week. The Slovak internet security firm ESET develops anti-virus and firewall products. With headquarters in Bratislava, Slovakia, ESET earned the award for the most successful Slovakian company in 2008, 2009, and 2010. 

Additional revelations targetting the Slovak Government including the Cobalt Strike Infrastructure operation employed by the attackers were provided by the companies. Dukes, Nobelium, and APT29 are the organizations that are held responsible for the attacks. These are affiliated with the Russian Foreign Intelligence Service (SVR). Their activities date back to 2008, typically targeting government networks in NATO and European countries, research institutes, and think tanks. 

The SVR hackers are believed to have spear-phished senior government officials using publicly available information, community threat intelligence sources (VirusTotal), and their investigations. The security firms IstroSec and ESET claimed that the SVR targeted the Slovak officials through spear-phishing campaigns. 

Researchers at the Def Con conference reported that SVR operators sent spear-phishing attacks to Slovak diplomats in the form of emails posing as the National Security Authority (NBU) of Slovak to infect their systems. The ISO/IMG attachment in the email looked like a Word document.