A group of Russian hackers is targeting European governments with spearphishing campaigns to breach their digital systems, according to a new advisory from the European Union’s Cyber Emergency Response Team.
The cybersecurity note identified at least seven EU countries on the target list of the hacking group Fancy Bear, Politico reported.
The cyberthreat actors deployed customized lures to convince their targets to download malicious software and gain access to the countries’ virtual networks, the report said.
The CERT-EU note showed that the group is using various decoy documents, such as a United Nations Special Committee report, to trick the victims into activating the malware.
Released in early November, the cyber advisory warned that the threat level posed by Fancy Bear on EU institutions and agencies is significantly high.
According to Politico, the United States tagged Fancy Bear in the 2016 hacking of the Democratic National Committee. The U.S. government said the group’s action contributed to the election win of Donald Trump.
Also known as APT28, the Russia-linked cyber operators were sanctioned by the EU in 2020 following the cyber intrusion that hit the German Bundestag in 2015.
In a statement, Johannes Bahrke, a spokesperson for the European Commission, declined to specifically discuss the CERT-EU advisory but stressed the importance of “regular information sharing” to give all relevant EU actors the latest insights in assessing and mitigating cyber risks.