The NSA Has A Warning: Russia’s Most Infamous Hackers Are Still Active

The NSA has a warning: Russia’s most infamous hackers are still active

The alert describes how the GRU is targeting a vulnerability in unpatched Unix systems, an alternative to the operating systems of Microsoft and Apple.

NBC News · by Kevin CollierKevin Collier is a cybersecurity reporter based in New York City. · May 28, 2020

The same Russian intelligence unit that leaked Democrats’ files in 2016 is engaged in an ongoing email hacking campaign, the National Security Agency announced Thursday.

Hackers in Russia’s GRU, its military intelligence agency, regularly target email accounts, as is common for many with robust cyber capabilities. But this is the first time that the NSA has issued a direct public alert that named the agency and warned of an ongoing hacking campaign.

It wasn’t immediately clear if the advisory was merely a byproduct of the NSA’s stated desire to be a better public adviser to the public on cybersecurity issues, or if it had a particular strategic aim. The agency launched its Cybersecurity Directorate in October with the intent of being a more open cybersecurity ally. In January, it said that it had alerted Microsoft to a critical Windows vulnerability rather than exploiting the flaw for its own purposes, the first time it made such an announcement.

The alert describes how the GRU is targeting a vulnerability in unpatched Unix systems, an alternative to the operating systems of Microsoft and Apple. It does not specify who it has seen targeted.

It does specify that the campaign is the work of GRU’s Unit 74455, which has been tied to some of the most infamous cyberattacks in history. The U.S. Justice Department has accused Unit 74455 of creating the Guccifer 2.0 and DCLeaks personas, which then leaked stolen Democratic emails and files as part of its 2016 election interference campaign.

“They are probably Russia’s most brazen and successful cyberattack organization,” said John Hulquist, the director of threat intelligence at FireEye, which tracks the group.

The U.K. has named 74455 as the creators of NotPetya, the ransomware worm that grew wildly out of control and spread around the world in 2017, causing billions of dollars in damage and prompting international outcry.

In February, the State Department accused Unit 74455 of running a multitiered harassment campaign against the nation of Georgia.

NBC News · by Kevin CollierKevin Collier is a cybersecurity reporter based in New York City. · May 28, 2020

3 comments

  1. Like!! I blog frequently and I really thank you for your content. The article has truly peaked my interest.

  2. Benim adım Nevin. Ayrıcalıklar için bir rehber olarak, bir gezi, bir akşam yemeği veya samimi bir toplantı için buluşuyorum. Randevu otel odanızda veya evinizde belirli koşullar altında tercih edilecektir. ve her ihtimale karşı, http://www.sanalanket.comsitesi üzerinden, izmir bölgesinde sizi alabilirdim

  3. Hey there just wanted to give you a quick heads up and let you know a few of the pictures aren’t loading correctly. I’m not sure why but I think its a linking issue. I’ve tried it in two different internet browsers and both show the same outcome.

Leave a Reply

Your email address will not be published. Required fields are marked *