Russia’s Cozy Bear Strikes Again: Elite Spyware Tools Fuel New Hacking Frenzy
Governments are making the hacking tools of elite spyware vendors like Intellexa and NSO Group their go-to for espionage. Google’s Threat Analysis Group found Russia’s APT29 gang using these tools in recent campaigns. It’s like a high-stakes game of “Spy vs. Spy,” but with more zeros and…

Hot Take:
Looks like Cozy Bear has been shopping in the spyware clearance section, picking up some trendy, slightly-used exploits to keep their espionage game fresh. It’s like a cyber Black Friday, but for hackers.

Key Points:
- Google’s Threat Analysis Group (TAG) unveils hacking campaigns by Russia’s APT29 that used exploits similar to those from Intellexa and NSO Group.
- The attacks targeted Mongolian government websites between November 2023 and July 2024 through “watering hole” tactics.
- The exploits, initially used as zero-days by commercial surveillance vendors, targeted unpatched iOS and Android devices.
- It remains uncertain how APT29 acquired these exploits, whether purchased, stolen, or reverse-engineered.
- NSO Group denies selling its products to Russia, emphasizing sales only to vetted US and Israel-allied agencies.