Russian Government Has Allegedly Been Running a 7-Year Malware Campaign

By Jamie Condliffe on at

According to a new report by security researchers at F-Secure Labs, hacking groups funded by the Russian government have been a running a large-scale malware campaign that’s hit the likes of NATO and US government institutions.

The new report describes a hacking group called “the Dukes,” outlining how they used a series malware tools to “to steal information by infiltrating computer networks and sending the data back to attackers”. The attacks — which saw hackers use nine different malware tools, each designed to target specific systems — have been occurring for at least seven years, according to F-Secure.

The researchers point to a number of pieces of evidence to link the attacks to the Russian government. They includes Russian-language error messages found in code, attacks occurring within working hours on Moscow time, and a series of targets who appear to be of great interest to the Russian governments, including embassies, parliaments, and ministries of defence — and never the Russian state. The team also points out that various news stories around the world about hacks didn’t stop the group, suggesting they were afforded a level of protection. The report explains:

“Based on our establishment of the group’s primary mission, we believe the main benefactor (or benefactors) of their work is a government. But are the Dukes a team or a department inside a government agency? An external contractor? A criminal gang selling to the highest bidder? A group of tech-savvy patriots? We don’t know.”

Among the targets of the attacks were the Information Center on NATO and EU, the Ministry of Defence of Georgia, the ministries of foreign affairs in both Turkey and Uganda and a series of government institutions and political think tanks in the United States, Europe and Central Asia. The team also speculates to the Verge that recent digital attacks on the White House and State Department may have been orchestrated by the Dukes.

It is, of course, the most recent in a long line of reports linking Russia to significant cybercrime. How it’s stopped remains anyone’s guess. [The Dukes: 7 Years of Russian Cyberespionage via Verge]

Image by Tischenko Irina/Shutterstock