National: Russian hacking group ‘Cozy Bear’ likely responsible for phishing campaign, US security firm says | The Hill
A U.S. security firm on Monday said a Russian hacker group is likely responsible for a phishing campaign that used emails to impersonate a State Department employee. FireEye researchers tied the spear phishing campaign to APT29, a group often referred to as “Cozy Bear.” The hackers were targeting U.S. think tanks, the military, federal government and law enforcement, among other sectors, the security firm said in a blog post. Monday’s finding comes just days after FireEye and another U.S. cybersecurity firm, CrowdStrike, publicly confirmed the phishing campaign. The companies did not attribute the actions to the hacking group at the time, but noted similarities to previous activity by Cozy Bear. FireEye said the hacking group created emails that gave the impression of coming from a State Department public affairs official who was trying to share an official document. The attached document included links and a file hosted on a domain that was likely compromised, FireEye said.Full Article: Russian hacking group 'Cozy Bear' likely responsible for phishing campaign, US security firm says | TheHill.