Russian Hacker Group APT29 Behind Major Cyberattack on Azerbaijani Media

The cyberattack on Azerbaijani media resources on February 20 was carried out by the Russian hacker group APT29 also known as Cozy Bear, Midnight Blizzard, and The Dukes, according to Ramid Namazov, head of the temporary commission on countering foreign interference and hybrid threats, speaking during a public hearing on May 2.

APT29 is known for its involvement in cyber-espionage operations, typically targeting government agencies, diplomatic missions, and critical sectors such as defense, energy, and media. The group is known for operating discreetly, often infiltrating systems long before launching an actual attack.

Cybersecurity specialists investigating the incident reported that the attackers had maintained access to the affected systems for two to three years, indicating a high level of planning and coordination.

According to the investigators, the attack was politically motivated, which aligns with the known tactics of APT29 and distinguishes it from financially motivated cybercrime groups.

Azerbaijani expert Ramid Namazov suggested that the cyberattack may have been a response to recent political decisions, including the closure of the unregistered Russian cultural center “Russian House” and discussions around terminating the local office of Sputnik in early February.

The February 20 incident is considered one of the most significant cyberattacks in Azerbaijan’s history. The investigation was carried out by two independent cybersecurity teams with extensive experience in digital forensics and threat analysis.

Their findings, which included the examination of system logs, malware traces, and attacker behavior, pointed to a coordinated and politically charged operation.

Previously, it was reported that for the first time, France has officially recognized the responsibility of Russian military intelligence for cyberattacks against TV5Monde in 2015, which led to the shutdown of the French television channel and the hacking of Emmanuel Macron’s campaign team emails during the 2017 presidential race.