RiskIQ shares list of more than thirty IP addresses of Russian malware servers
Security company RiskIQ has published a list of more than thirty IP addresses of Russian malware servers linked to the hacker collective APT29 and the Russian government. According to the company, the servers are currently still in active use.
According to RiskIQ, the ball started rolling after a potential WellMess malware server was reported on Twitter early last month. The IP address and SSL certificate were shared on Twitter, whereupon RiskIQ started to analyze them. The company searched for and found more than thirty similar, active IP addresses with similar SSL certificates, and was able to link them ‘with a great deal of certainty’ to the server infrastructure used by APT29. According to RiskIQ, the servers are still actively used by APT29. The security company cannot say which parties are targets of APT29.
APT29, also known as The Dukes or Cozy Bear, is a Russian hacker collective that last year used malware to attack scientists from the United Kingdom, the United States and Canada who were researching the coronavirus vaccine. According to the security services of the US, UK and Canada, the hackers ‘most likely’ intended to steal information about the development of the vaccine. These security services say that APT29 is ‘almost certainly’ part of the Russian intelligence services.