Microsoft Uncovers Russian Cyber Operation Targeting Foreign Embassies in Moscow

A Russian state-linked hacking group has been conducting a sweeping cyberespionage operation targeting foreign embassies and diplomats in Moscow, according to a report from Microsoft’s Threat Intelligence team on July 31.
The group behind the campaign—known as Secret Blizzard, also tracked as Turla, Waterbug, or Venomous Bear—is believed to be tied to Unit 16 of Russia’s FSB, the country’s main security agency. The US Cybersecurity and Infrastructure Security Agency (CISA) previously confirmed the group’s affiliation with the Russian state.
According to Microsoft, Secret Blizzard has been infecting devices that connect to Russian internet service providers with a sophisticated malware strain dubbed ApolloShadow.
The malware disguises itself as legitimate antivirus software, but in reality, it enables hackers to gain deep access to sensitive information on compromised devices.
ApolloShadow’s capabilities are far-reaching. It can install fake root certificates, allowing the interception and modification of even encrypted internet traffic. The malware can also harvest login credentials, authentication tokens, and other vital information while creating hidden administrator-level accounts to maintain persistent access.
By leveraging its privileged access through Russian ISPs, the group can monitor nearly all online activity within diplomatic missions, including private communications and classified documents related to international negotiations.
“This campaign marks the first known case where hackers have used state-sanctioned access to internet providers to launch cyberattacks,” Microsoft noted in its report.
Earlier, authorities in Russia’s Krasnoyarsk region imposed “temporary restrictions” on mobile internet access, citing vague national security concerns but offering few specifics. Governor Mikhail Kotyukov confirmed the measure.






