Russian hackers carried out a series of attacks on several US embassies on Monday (22). According to Check Point Research, a company specializing in electronic security, the attacks targeted the US embassies of Italy, Bermuda, and Kenya.
According to information provided by Check Point, the intruders sent malicious emails to several key employees of these embassies, with Excel spreadsheets attached. When opened, a spreadsheet executed a macro that allowed the attackers to take complete control of the computer through the TeamViewer application, which is widely used by computer technicians to solve problems remotely.
Although the initial concern of embassy officials was that these attacks were planned by the Russian government, there are several indications that an independent group is responsible. That's because these hackers attacked not only the embassies but also financial targets and even some "public figures" of the Russian government itself.
In addition, the identity of at least one of the perpetrators of the attack is known: a hacker known by the nickname EvaPiks, who is not only linked to the attacks but also recently took an active part in discussions about credit card theft in some hacker forums, which suggests that the motive for these intrusions is not political but financial.
This finding was possible because, although the hackers clearly planned the attack (creating fake spreadsheets whose names were related to projects the victims actually worked on), they were not careful to cover their tracks, which allowed the security teams of these embassies to quickly locate even some personal information about who the intruders are.