Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign [Tuesday, February 20, 2024]

Description :
A new espionage campaign conducted by the Russia-aligned threat actor TAG-70 has been observed targeting European government and military entities. The attackers are exploiting cross-site scripting (XSS) vulnerabilities to compromise Roundcube mail servers and exfiltrate sensitive data.

Published : 2024-02-20 09:36:32
Created : 2024-02-20 09:36:32
Modified : 2024-02-20 09:48:31

Indicators

Malwares :
  • MailCopter
  • Zekapab
  • Zebrocy - S0251
Hashes :
  • 6800357ec3092c56aab17720897c29bb389f70cb49223b289ea5365314199a26
  • ea22b3e9ecdfd06fae74483deb9ef0245aefdc72f99120ae6525c0eaf37de32e
Intrusion set :
  • Winter Vivern
Location :
  • Estonia
  • Lithuania
  • Poland
  • Ukraine
Other observables :
  • Military
  • Government

About the author
Julien B.

Securitricks