November 2, 2014 by

APT28: Russia’s Cyber Espionage Group

FireEye recently released another Advanced Persistent Threat report, this time examining a Russian group of attackers named APT28. The report is named “

According to the report, the group has attacked a number of governments, including Georgian and Eastern European governments, NATO, and the Organization for Security and Co-operation in Europe. APT28 has been active for almost a decade, operating at least since 2007.

Unlike the China-based groups FireEye tracks, the APT28 group does not steal information for financial gain. Instead, they targeted “privileged information related to governments, militaries and security organizations.” The report makes it very clear that the attackers are suspected to be state-sponsored.

Over 96% of the malware samples we have attributed to APT28 were compiled between Monday and Friday. More than 89% were compiled between 8AM and 6PM in the UTC+4 time zone, which parallels the working hours in Moscow and St. Petersburg.
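An added example, not taken from the FireEye report or this post: a compile-time profile like the one above can be computed from the TimeDateStamp field in each sample's PE header, converted to the time zone of interest. The sample headers and helper names here are constructed for illustration. The field is written by the build toolchain and can be altered, so it is one indicator among several.

```python
import struct
from datetime import datetime, timedelta, timezone

UTC4 = timezone(timedelta(hours=4))  # the UTC+4 zone named in the text


def pe_compile_time(data: bytes) -> datetime:
    """Return the COFF TimeDateStamp of a PE image as an aware UTC datetime."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 12 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # COFF header after the signature: Machine(2), NumberOfSections(2), TimeDateStamp(4)
    (stamp,) = struct.unpack_from("<I", data, e_lfanew + 8)
    return datetime.fromtimestamp(stamp, tz=timezone.utc)


def working_hours_profile(times, tz=UTC4, start=8, end=18):
    """Fractions of timestamps on Mon-Fri and within [start, end) o'clock, both in tz."""
    local = [t.astimezone(tz) for t in times]
    if not local:
        raise ValueError("no timestamps")
    weekday = sum(t.weekday() < 5 for t in local) / len(local)
    in_hours = sum(start <= t.hour < end for t in local) / len(local)
    return weekday, in_hours


def fake_pe(when_utc: datetime) -> bytes:
    """Constructed sample: just enough of a PE header to carry a timestamp."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    coff = struct.pack("<HHI", 0x014C, 0, int(when_utc.timestamp()))
    return dos + b"PE\0\0" + coff


# Constructed compile times in UTC (day of March 2014, hour); not from the report.
# The last one is Friday 21:30 UTC, which is already Saturday 01:30 in UTC+4.
SAMPLES = [fake_pe(datetime(2014, 3, d, h, 30, tzinfo=timezone.utc))
           for d, h in [(3, 5), (4, 9), (5, 13), (6, 15), (7, 21)]]

if __name__ == "__main__":
    stamps = [pe_compile_time(s) for s in SAMPLES]
    weekday, in_hours = working_hours_profile(stamps)
    print(f"Mon-Fri: {weekday:.0%}, 08:00-18:00 UTC+4: {in_hours:.0%}")
```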

I highly recommend that everyone read the report itself for more information.

About the author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high-profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagement experience while providing a strategic and integrated array of services to minimize risk and disruption while protecting your brand.