Hassan Nafaa
October 3, 2019
•[ espionage, malware, education ]
The Egyptian government installed mobile apps on targets' phones to extract files, track their locations, and identify contacts. One of the targets is Hassan Nafaa, a political scientist at Cairo University.
An official with the Egyptian-Canadian Coalition for Democracy
October 3, 2019
•[ espionage, malware, government ]
The Egyptian government installed mobile apps on targets' phones to extract files, track their locations, and identify contacts. One of the targets is an official with the Egyptian-Canadian Coalition for Democracy who was targeted after his organization published a video of an Egyptian government minister making threatening gestures during a speech.
Khaled Dawoud
October 3, 2019
•[ espionage, malware, government ]
The Egyptian government installed mobile apps on targets' phones to extract files, track their locations, and identify contacts. One of the targets is Khaled Dawoud, a former journalist and leader of the Constitution Party.
Japanese government agencies
October 2, 2019
•[ espionage, government, malware ]
Researchers at JPCERT reveal the details of a campaign targeting Japanese government agencies and exploiting a vulnerability in the local Sanshiro spreadsheet application (CVE-2014-0810).
US petroleum industry
October 1, 2019
•[ espionage, malware, energy ]
Researchers from Netskope discover a campaign against the US petroleum industry carried out via a new Adwind Remote Access Trojan (RAT) variant.
kaunas.kasvyksta.lt
September 25, 2019
•[ hack, espionage, information ]
Ghostwriter, a suspected Belarus-backed hacking group, has compromised websites and email accounts in Latvia, Lithuania, and Poland to publish fabricated documents pushing anti-North Atlantic Treaty Organization (NATO) narratives consistent with Kremlin talking points. The influence campaign started in 2017.
Czech Foreign Ministry
August 13, 2019
•[ espionage, government ]
According to a parliamentary committee, a foreign state is believed to be behind a cyberattack on the Czech Foreign Ministry.
Office of the First Deputy Prime Minister of Bahrain
August 7, 2019
•[ espionage, malware, government ]
A threat actor broke into the systems of Bahrain's National Security Agency, Ministry of Interior, and office of the first deputy prime minister. On July 25, 2019, Bahraini authorities detected intrusions into the country's electric and water authority that shut down several systems. The attacks were similar to two hacks in 2012, in which the Shamoon virus was used to knock Qatar's natural gas firm RasGas offline and wipe data from the hard drives at Saudi Aramco, Saudi Arabia's national oil company. Iran is believed to be behind the attacks.
APT17 (AKA Deputy Dog and Axiom)
July 24, 2019
•[ espionage, hack, government ]
Intrusion Truth, an online group of anonymous cyber-security analysts, reveals the details of APT17 (AKA Deputy Dog and Axiom), another cyber-espionage hacking group linked to the Chinese government.
Government in Eastern Europe
July 10, 2019
•[ espionage, malware, government ]
Researchers from ESET discover a zero-day exploit (CVE-2019-1132), deployed in a highly targeted attack in Eastern Europe.
Croatian government
July 5, 2019
•[ espionage, malware, government ]
A new report reveals that Croatian government employees were targeted by a state-sponsored actor between February and April this year, via the Empire and SilentTrinity backdoors.
Yandex
June 27, 2019
•[ espionage, malware, technology ]
Reuters reveals that hackers working for Western intelligence agencies broke into Russian internet search company Yandex in late 2018. Apparently the attack was carried out with a Regin variant.
Iran
June 17, 2019
•[ espionage, government ]
Iran says it has exposed a large cyber espionage network allegedly run by the U.S. Central Intelligence Agency (CIA).
Russia's electric power grid
June 15, 2019
•[ espionage, malware, energy ]
The New York Times, citing current and former government officials, reveals that the United States planted potentially destructive malware in Russia's electric power grid.
Hong Kong branch of Amnesty International
April 25, 2019
•[ espionage, hack, government ]
The Hong Kong branch of human rights group Amnesty International reveals it was targeted by state-sponsored hackers in a cyberattack "consistent with those carried out by hostile groups linked to the Chinese government".
Ministry of Intelligence and Security (MOIS) (APT 34 OilRig)
April 18, 2019
•[ espionage, leak, government ]
A collective dubbed Lab Dookhtegan reveals details about the inner workings of the cyber-espionage group known as OilRig, APT34, and HelixKitten, linked to the Iranian government. The source code of their tools is leaked on Telegram.
Ukrainian military
April 16, 2019
•[ espionage, phishing, malware ]
Researchers from FireEye reveal that multiple Ukrainian military departments were targeted by a spear phishing campaign which attempted to drop a RATVERMIN backdoor as part of a second-stage payload delivered with the help of a PowerShell script.
Bayer
April 4, 2019
•[ espionage, malware, manufacturing ]
Bayer reveals that it has contained a cyberattack carried out by the Wicked Panda Group via the WINNTI malware.
Belgian Interior Ministry
April 1, 2019
•[ espionage, government ]
Belgian officials said that hackers breached the network of the country's interior ministry in a security incident that took place in April 2019. The investigation found that the threat actor's motive was likely espionage.
Raymond Houndjo
April 1, 2019
•[ espionage, malware, government ]
Hackers used spyware, developed by Israeli technology firm NSO Group, that exploited a vulnerability in the messaging app WhatsApp to inject spyware onto the phones of opposition politicians and prominent religious leaders in Togo. The hack coincided with pro-reform protests in the country. Among the victims is Raymond Houndjo, a prominent member of the opposition party.