Russian hackers from the GRU-linked group ART28 launched a cyberattack on Polish government institutions this week.
This was reported by the National Research Institute of Poland (NASK).
Hackers sent emails with a link to a free service used by developers. In fact, clicking on it downloaded a ZIP archive with files that allowed hackers to learn the IP address of the victimʼs device and a list of files on the computer, as well as interact with them.
“Technical indicators and similarities to past attacks allowed us to identify the APT28 group behind the described activity. This group is connected to the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation," the institute emphasized.
NASK recommended that administrators of public resources check whether their employees were affected by the attack.
- On May 3, Bild wrote that the ART28 group was also accused of attacking the leadership of the Social Democratic Party of Germany in January 2023. Because of this, the German Foreign Ministry summoned the charge dʼaffaires of the Russian embassy.