Check Point researchers have uncovered a recent campaign in which Russian threat actors targeted European embassies in various countries including Nepal, Guyana, Kenya, Italy, Liberia, Bermuda, and Lebanon. The hackers targeted embassy officials with emails containing sophisticated malicious files that were presented as official US State Department documents.
Opening the attachment would prompt the installation of TeamViewer, a popular remote access service, on the victim’s computer. This allowed threat actors to take over the machine. The researchers are not sure if the attackers had geopolitical motives because the campaign “was not after a specific region and the victims came from different places in the world.”
Read more: Russian hackers are targeting European embassies, according to new report