01-08-2025
Russian hackers said to pose as cyber firm Kaspersky to spy on foreign embassies
The Russian hacking group has been active for over 25 years.
A notorious Russian hacking group is impersonating a prominent cyber security firm and using the country's internet providers to spy on foreign embassies, according to a report published on July 31 by Microsoft.
The attackers, a group known as Turla or Secret Blizzard, engaged in a 'large scale' cyber-espionage campaign in which they used Russian internet service providers, or ISPs, to conduct their hacks, according to Microsoft.
Turla hackers also disguised their malware to impersonate cybersecurity software from the Russian cybersecurity company Kaspersky. Kaspersky did not immediately respond to a request for comment.
With access to those Russian ISPs, the hackers then targeted foreign embassies in Moscow, redirecting victims' internet traffic and delivering malware as part of the apparent intelligence-gathering operation, the report said. Microsoft declined to name specific targets.
The malware, known as ApolloShadow, strips away targets' encryption, thereby converting the hacking targets' internet activity into clearly readable data, including browsing and sensitive credentials, according to Microsoft.
This particular hacking group has been active for over 25 years. The US government said the group, widely considered one of the most sophisticated and persistent in the world, is part of the Russian Federal Security Service. The Department of Justice in 2023 said it dismantled a sprawling network of computers that Turla used to target victims around the world on behalf of the government in Moscow.
The Russian Ministry of Foreign Affairs did not respond to a request for comment.
Sales of Kaspersky products were previously banned in the US after national security officials suggested that the Russian government has influence over the company.
This hacking campaign occurs during a moment of substantial tension between Russia and the international community. Russia's war in Ukraine has vastly increased enmity between Russia, Europe and the Trump administration.
Russian President Vladimir Putin also is tightening his grip on the country's domestic internet by sponsoring a sprawling super app and threatening to ban secure competitors like WhatsApp.
Russia's domestic interception systems, such as the System for Operative Investigative Activities, or Sorm, likely play a key role in enabling these large-scale operations, according to Microsoft. Sorm is the legally mandated foundation of domestic interception and surveillance in Russia, enabling surveillance by the FSB and other domestic law enforcement and intelligence agencies.
BLOOMBERG