"'MoustachedBouncer' APT Spies on Embassies, Likely via ISPs"

An Advanced Persistent Threat (APT) group with ties to Belarus spied on staff in at least four embassies operating in the country, most likely by abusing the country's local Internet Service Provider (ISP). According to malware researcher Matthieu Faou, "MoustachedBouncer" is nearly a decade old and aligned with the interests of the Belarusian government. From 2017 to 2022, the group effectively compromised diplomats from one Southeast Asian country, one African country, and two European countries using custom information-stealing malware. The exact intrusion technique is still unclear. MoustachedBouncer may have infected routers at individual embassies, but ESET determined that it likely exploited lawful communications interception technology used by the governments of Belarus and Russia. This article continues to discuss the MoustachedBouncer espionage campaign. 

Dark Reading reports "'MoustachedBouncer' APT Spies on Embassies, Likely via ISPs"