Russian hackers abducted passwords from gmail: who is to worry about their data

According to Citizen Lab researchers, the victims believed that they create and pass the password for a particular application to safely access the US State Department platform, but in fact they give the attacker full access to their Google account. The purpose of the attackers was known researchers and critics of Russia. The experts revealed the hackers tactics by describing the attack on Russian expert on Kair Jails information operations. Initially, Giles received an e -mail signed by Claude S.

Weber, allegedly from the US State Department. Weber, allegedly from the US State Department. It proposes to participate in the "private online conversation". After several emails, in which Giles expressed interest, but reported that he could not join the conversation on the specified day, the fraudsters were offered him to join the MS Dos Guest Tenant State Department platform to "easily attend future meetings.

Giles agreed and received a PDF file with a detailed description of how to create a password for the app in Google Account, required for registration on the intended platform as a guest user. At a later stage, the deception was provided with a password of the US DOS Administrators to add an external user to the Guest Customer O365.

The instructions stated that it was an alternative solution that provides a safe connection through a platform between US State Department employees and external users with Gmail accounts. Security researchers from Google Threat Intelligence Group have identified a cybercrime as an UNC6293. They believe that it is sponsored by the state and may be associated with APT29, a group under the guidance of Russia's Foreign Intelligence Service (CZR).

APT29 is known by several names (Noblebaron, Nobelium, Cozy Bear, CozyDuke, Midnight Blizzard) and has been operating since 2008. Its goals are usually government networks, research institutes and analytical centers. In order not to be a victim of hackers, Google recommends registering in its extended protection program, which enhances the security measures and does not allow you to create a password for a specific application or enter the system without providing a certain access key.