APT28 uses car sales as phishing bait
In March 28, the Russian threat group Fighting Ursa, aka APT2024, used an advert for the sale of a car to spread the HeadLace backdoor malware. The target of the attack was probably diplomats. Palo Alto Networks' Unit 42 team has published a new research report that shows which specific phishing trick the Russian-backed threat actor "Fighting Ursa" (also known as "APT28" or "Fancy Bear") uses to attack diplomats. Specifically, it involves the sale of a car as a phishing bait to spread the HeadLace backdoor malware. Fighting Ursa is linked to Russian military intelligence in...