CylancePROTECT vs. APT28's VBA Malware


Visibly functioning since at least the mid-2000s, the Sednit group (aka APT28 / Sofacy / Fancy Bear / Pawn Storm) has been the purported source of numerous attacks on high-value and highly sensitive targets. Attacks against the French and German election processes, as well as campaign(s) against the U.S. Government, highlight just a few of their recently attributed efforts.

CERT-EU (Computer Emergency Response Team for the EU Institutions) recently reported on a campaign which, again, illustrates this group’s capability. This most recent example is targeted directly at the information security community/industry.

The spear-phishing campaign directly targets attendees of the 2017 International Conference on Cyber Conflict U.S. (CyCon U.S.). This is a NATO-organized conference scheduled to occur in Washington, D.C. between the 7th and 8th of November 2017.

In this video, watch CylancePROTECT® guard against recent malware used by APT28.

Read our research team's deep dive blog on this malware here: