Microsoft catches Russian hackers targeting foreign embassies
Russian-state hackers are targeting foreign embassies in Moscow with custom malware that gets installed using adversary-in-the-middle attacks that operate at the ISP level, Microsoft warned Thursday. The campaign has been ongoing since last year. It leverages ISPs in that country, which are obligated to work on behalf of the Russian government. With the ability to control the ISP network, the threat group—which Microsoft tracks under the name Secret Blizzard—positions itself between a targeted embassy and the end points they connect to, a form of attack known as an adversary in the middle, or AitM. The position allows Secret Blizzard to [...]