November 2, 2014 by

APT28: Russia’s Cyber Espionage Group

FireEye recently released another Advanced Persistent Threat report, this time examining a Russian group of attackers named APT28. The report is named “

According to the report, the group has attacked a number of targets, including Georgian and Eastern European governments, NATO, and the Organization for Security and Co-operation in Europe. APT28 has been active for almost a decade, operating since at least 2007.

Unlike the China-based groups FireEye tracks, the APT28 group does not steal information for financial gain. Instead, they targeted “privileged information related to governments, militaries and security organizations.” The report makes it very clear that the attackers are suspected of being state-sponsored.

Over 96% of the malware samples we have attributed to APT28 were compiled between Monday and Friday. More than 89% were compiled between 8AM and 6PM in the UTC+4 time zone, which parallels the working hours in Moscow and St. Petersburg.

I highly recommend that everyone read the report itself to find out more.

About the author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.
