BLUF
The Russian state-sponsored hacking group, known as Cozy Bear, attempted to break into foreign embassies by trying to share malware-infected files using Dropbox or Google Drive storage. It is unknown whether these attacks were successful.Summary
This article by Sam Sabin, writing for Axios, makes the following points:
- This attack marks an expansion in Russian state hackers' abuse of cloud services.
- Several embassies in Brazil and Portugal were sent a phishing email disguised as a Dropbox or Google Drive link.
- The link purported to be to an agenda for an upcoming meeting.
- If the link were downloaded, it would infect the downloader's computer with malware.
- This provided hackers with a backdoor into the recipient's file system.
References
Recent Runway Posts related to this topic:
- RUSSIAN-UKRAINE CONFLICT—RAAF RUNWAY COLLECTION
- RAAF RUNWAY: RATIONALE, GUIDELINES, LEARNING OUTCOMES, ETC.
References from the Web:
- OCT 2021 Microsoft says Russia-backed hackers are targeting cloud services, supply chain—CBS News
- MAR 2022 How cloud services become weapons in Russia-Ukraine cyber conflict—ZDNet
- APR 2022 Russia and Ukraine are weaponizing cloud technology amid conflict—Security Magazine
- AUG 2022 Microsoft disrupts Russian-linked hackers targeting NATO countries—Breaking Defense
Source Information:
- Article Source: Axios
- Media Check: Axios - Media Bias Fact Check (mediabiasfactcheck.com)
