Researchers Find More Servers Tied to Russian-Linked Attacks
August 4, 2021
Researchers at the security firm RiskIQ have uncovered about 35 active command-and-control servers connected with an ongoing malware campaign that has been linked to a Russian-speaking attack group known as APT29 or Cozy Bear.
These servers, which are located in the U.S., Austria, Bulgaria, Switzerland, Germany, Denmark, France, Hong Kong, Japan and nearly a dozen other countries, are used to host custom malware called WellMess and WellMail, RiskIQ says in a report released Friday. These malware strains have previously been deployed to target research organizations developing COVID-19 vaccines, the researchers note.
Dozens of active Cozy Bear C2 servers serving data-stealing malware identified
Dozens of active Cozy Bear C2 servers for data-stealing malware identified