Russian government and IT organizations

The EastWind campaign used sophisticated backdoors to target Russian entities, compromising the security of government and IT organizations. Malware delivered via phishing emails installed the PlugY and GrewApacha backdoors on victims' systems. The attackers leveraged public services such as Dropbox and LiveJournal for command and control, executing a wide range of functions including data theft and system monitoring. The implication of the APT groups APT27 and APT31 indicates that advanced cyber-espionage tools are being shared, which signifies a higher threat level given the coordinated and resourceful nature of the attackers. The campaign resulted in unauthorized access to, and potential exfiltration of, sensitive information, a critical concern for national security and for the operational integrity of the affected institutions.

Source: https://securityaffairs.com/166924/apt/eastwind-campaign-targets-russian-organizations.html

"id": "fre000081724",
"linkid": "free-russia-foundation",
"type": "Ransomware",
"date": "8/2024",
"severity": "100",
"impact": "8",
"explanation": "Attack that could bring to a war"