Russia-linked hacking campaign targets European diplomats with fake wine tasting events

A recent report from Check Point Research has revealed that a Russia-linked hacking group, known as APT29, has launched a sophisticated phishing campaign targeting European diplomats. The group has been sending out fake invitations to wine tasting events, luring targets to click on malicious links that lead to the deployment of a new backdoor malware called GRAPELOADER.
According to the cybersecurity firm, the emails sent by APT29 impersonate a major European Ministry of Foreign Affairs and include subject lines such as “Wine tasting event (update date),” “For Ambassador’s Calendar,” and “Diplomatic dinner.” The campaign specifically focuses on European diplomatic entities, including non-European countries’ embassies located in Europe.
The U.S. Cybersecurity and Infrastructure Security Agency has previously identified APT29 as a cyber espionage group, likely part of the Russian intelligence services. Check Point Research noted that APT29 is known for targeting high-profile organizations, including government agencies and think tanks, using a variety of tactics ranging from targeted phishing campaigns to supply chain attacks.
The phishing attacks, which began in January of this year, have targeted multiple European countries with a specific emphasis on Ministries of Foreign Affairs and embassies in Europe. The firm also found evidence of limited targeting outside of Europe, including diplomats based in the Middle East.
In an effort to increase the success rate of the phishing campaign, additional waves of emails were sent to potential victims. The malicious link is hosted on a server that is highly protected against scanning and automated analysis, with the malware download only triggered under specific conditions. When accessed, the link redirects to the official website of the impersonated Ministry of Foreign Affairs.
It remains unclear whether any of the phishing attacks have been successful. However, it is crucial for diplomatic entities and other high-profile organizations to remain vigilant against such sophisticated cyber threats.