News

RiskIQ shares list with more than thirty IP addresses of Russian malware servers

By admin
Spread the love

Security firm RiskIQ has published a list of more than thirty IP addresses of Russian malware servers that are linked to the hacker collective APT29 and the Russian government. According to the company, the servers are currently still in active use.

The ball started rolling, according to RiskIQ, after a potential WellMess malware server was mentioned on Twitter early last month. The ip address and ssl certificate were shared on Twitter whereupon RiskIQ started to analyze it. The company searched and found more than thirty similar, active IP addresses and similar SSL certificates and was able to link them ‘with a lot of certainty’ to the server infrastructure that APT29 uses. According to RiskIQ, the servers are still actively used by APT29. The security company cannot say which parties are targets of APT29.

APT29, also known as The Dukes of Cozy Bear, is a Russian hacker collective that last year attacked scientists from the United Kingdom, United States and Canada who were researching the corona vaccine via malware. According to the security services of the US, UK and Canada, the hackers ‘probably’ had the intention to steal information about the development of the vaccine. These security services say that APT29 is ‘almost certainly’ part of the Russian intelligence services.

You might also like
News

X begins to deploy the audio and video calling function (but only paying users can…

News

Netflix is ​​also discontinuing the Basic subscription in the US and UK

News

EU Council determines position on security requirements for digital products

News

Citrix warns of critical vulnerability in NetScaler ADC and Gateway

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

Telegram has over 800 million active users and is not yet profitable

Exit mobile version