"APT29 Watering Hole Attacks Used Spyware Exploits"

The Russia-based APT29 group used the same iOS and Google Chrome exploits as NSO Group and Intellexa in an espionage campaign against the Mongolian government. According to the researchers who discovered the campaign, it is still unclear how the APT group obtained the exploits. The exploits were used in three attacks, in November 2023, February 2024, and July 2024, that were linked "with moderate confidence" to APT29. The campaigns involved watering hole attacks on Mongolian government websites: the threat actors compromised the websites and loaded a hidden iframe. This article continues to discuss new findings regarding the Russia-based APT29 group.

Decipher reports "APT29 Watering Hole Attacks Used Spyware Exploits"

Submitted by grigby1