Google blocks new Fancy Bear / APT28 phishing campaign

On Wednesday, MotherBoard reports, Google alerted approximately 14 000 users, including journalists and members of several NGOs and think tanks, that they had been the target of Russian government sponsored hackers.

Shane Huntley, the head of the Threat Analysis Group or TAG, the anti -Google hacking, wrote on Twitter that his team had sent out an “ above-average batch ” of warnings. “ This particular campaign included 86% of the number of warnings we sent out this month ,” Huntley said in the press release, which states that “ 100% of these emails were automatically classified as spam and blocked by Gmail ”.

The phishing campaign is said to come from APT 28, or Fancy Bear, the group affiliated with the Russian government and responsible for some of the most high-profile hacks in in recent years, including that of Hillary Clinton’s campaign and the Democratic National Committee in 2016.

TAG warning messages appear to have been personalized , notes Runa Sandvik: some advised to update Word or to privilege Google Docs, while others advised to open .pdf in Chrome.

Back to top button