Russian hackers recently attacked a number of US embassies around the world by emailing malicious attachments disguised as official State Department documents to officials, according to a new report from Check Point Research.
The hackers targeted US embassies in Nepal, Guyana, Kenya, Italy, Liberia, Bermuda, and Lebanon, among others. They typically emailed the officials Microsoft Excel sheets that appeared to have originated from the State Department and contained malicious macros. Once a recipient opened the attachment, the hackers were able to gain full control of the infected computer by weaponizing installed software called TeamViewer, a popular remote access service.
“It is hard to tell if there are geopolitical motives behind this campaign by looking solely at the list of countries it was targeting,” the press release says, “since it was not after a specific region and the victims came from different places in the world.”
Government finance officials were also subject to these attacks, and Check Point notes that these victims were of particular interest to the hackers. “They all appear to be handpicked government officials from several revenue authorities,” the press release says.
The hackers appeared to be highly sophisticated, carefully planning out the attacks, using decoy documents tailored to their victim’s interests,