Summary: The Maverits Special Report details the expanded operations of APT28, a Russian cyber espionage group, since the outbreak of the Ukraine war in 2022. This group has shifted its focus from Ukraine to a broader European strategy, employing advanced malware and phishing techniques to target government and diplomatic institutions across multiple nations. APT28’s activities now also include significant involvement in influence operations and collaboration with other cyber threat actors, highlighting the complexity and scale of their operations.
Affected: NATO countries, Ukraine, Poland, and various European nations
Key points:
- APT28 has evolved its tactics, focusing on espionage and influence operations across Europe and Asia.
- The group employs sophisticated malware such as Jaguar Tooth and Moobot to facilitate cyber espionage.
- Phishing plays a critical role in APT28’s operations, targeting military and diplomatic personnel to gain access to sensitive information.
- Since 2022, APT28 has increased its geopolitical reach, impacting government and defense sectors in numerous European countries.
- Collaboration with other cyber criminal entities suggests a broad and coordinated network of cyber threats linked to Russian intelligence activities.