‘Wine-tasting event’ and ‘Diplomatic dinner’ were the subjects of e-mails sent by a leading European foreign ministry
The cybercriminal group APT29, also known as Cozy Bear and linked to the Moscow government, is behind a new wave of phishing attacks against European diplomats, which once again aims to exploit their cultural inclination towards wine consumption in order to spread a new backdoor malware.
The new attack is similar in method to last year’s WineLoader campaign. It uses emails inviting recipients to wine tastings in an attempt to induce them to click on malicious links, as researchers at Check Point Research revealed in a recently published report. However, this time there are two new elements: the target audience and the malware lurking in the back-end of the campaign…
This campaign seems to focus on European diplomatic entities, including embassies of non-European countries located in Europe.

