Cozy Bear hackers may be impersonating State Department
Photo: Mandel Ngan/AFP/Getty Images
Cozy Bear, hackers who the U.S. and other governments believe to be Russian intelligence, appears to be impersonating the State Department in a new hacking campaign that's been observed attacking several sectors. FireEye, a cybersecurity company, first made the announcement on Twitter.
The big picture: It's nothing new for Cozy Bear to impersonate government officials, or anyone else who could lure people into downloading a file. That doesn't make it less aggressive — or less dangerous — for them to use the State Department to accomplish their goal.
FireEye is not making a firm attribution to Cozy Bear at this time. It's just saying the attacks show similarities to Cozy Bear's toolkit and techniques.
The targets spanned different sectors: defense, law enforcement, local government, media, pharmaceuticals, think tanks, transportation and the public sector. They appear to be the same or similar targets to a 2016 campaign associated with Cozy Bear.
What they're saying: "FireEye is continuing to investigate the true intention of the campaign," said Nick Carr, senior manager of adversary methods at FireEye.
Editor's note: The headline and story have been corrected to show that the Russian hacking group in question is Cozy Bear (not Fancy Bear).