Germany summons Russian envoy over Fancy Bear hacking


Germany summoned the acting representative of the Russian embassy over a sweeping cyberespionage campaign dating back to 2022 that Berlin blames on Moscow's GRU military intelligence service.

"We and our partners will not tolerate these cyberattacks and will use the entire spectrum of measures to prevent, deter and respond to Russia's aggressive behaviour in cyberspace," a foreign ministry spokesperson said.

The Russian embassy did not immediately respond to a request for comment. Russia has denied past allegations by Western governments of cyberattacks.

The attacks in 2022 targeted Germany's governing Social Democrats as well as the logistics, defence, aerospace and IT sectors, the interior ministry said in a statement.

The ministry said APT 28, which reports to the GRU, exploited a then-unknown vulnerability in Microsoft Outlook over a longer period of time in order to compromise email accounts.

A German spokesperson for Microsoft referred Reuters to a blog post stating that a Russian-based actors had been using a tool referred to as GooseEgg since as early as April 2019 to steal credentials.

Institutions in the Czech Republic have also been targeted as part of the alleged campaign since last year, its Foreign Ministry said on Friday.

A spokesperson for the German interior ministry said "the security gaps must be actively closed and we are pushing for this to happen."

An international operation led by the FBI in January had prevented devices compromised in the attacks from being misused for cyberespionage operations worldwide, the ministry said.

"The Russian cyberattacks are a threat to our democracy, which we are resolutely countering," Interior Minister Nancy Faeser said in a statement, adding that Germany was acting alongside the EU and NATO.

Faeser added that it was particularly critical to counter such attacks from Russia ahead of the European Parliament elections in June and other elections this year.

APT28, also known as Fancy Bear, has been active worldwide since at least 2004, primarily in the field of cyberespionage. According to Germany's domestic intelligence agency, it is one of the most active and dangerous cyberactors worldwide.


More from Cybernews:

Thousands of Airsoft players under threat after data breach

Android apps with 4B installs leave open doors to code execution attacks

OpenAI’s first Sora-generated music video released

Man sentenced for possession of deepfake abuse materials

LastPass attempts to open a new chapter by separating from its parent company

Subscribe to our newsletter



Leave a Reply

Your email address will not be published. Required fields are markedmarked