Report: Hacking group uses AitM attacks to spy on diplomats
TechCrunch reports that a government hacking group called MoustachedBouncer has been targeting or hacking diplomats in the Belarusian government for almost 10 years.
According to a recently released report by the antivirus company ESET, at least four foreign embassies — one from South Asia, two from Africa, and two from Europe — have been attacked by the group since 2014. The group intercepts the connections of diplomats at the internet service provider (ISP) level.
ESET researchers think Belarusian ISPs are helping with the attacks, allowing the hackers to use a lawful intercept system called SORM that is similar to the one used by Russia. It remains unclear, however, how the group uses the adversary-in-the-middle (AitM) tactic to intercept and change traffic.
The operators were trained to find some confidential documents, but were not sure exactly what they were looking for, said ESET researcher Matthieu Faou. "They stayed under the radar for a long time."