Visibly active since at least the mid-2000s, the Sednit group (aka APT28/Sofacy/Fancy Bear/Pawn Storm) has been the purported source of numerous attacks on high-value and highly sensitive targets. Attacks against the French and German election processes, as well as campaign(s) against the U.S. Government, are just a few of the efforts recently attributed to the group.
CERT-EU (Computer Emergency Response Team for the EU Institutions) recently reported on a campaign which, again, illustrates this group's capability. This most recent example directly targets the information security community/industry.
The spear-phishing campaign directly targets attendees of the 2017 International Conference on Cyber Conflict U.S. (CyCon U.S.), a NATO-organized conference scheduled to take place in Washington, D.C. on the 7th and 8th of November 2017.
In this video, watch CylancePROTECT® guard against recent malware used by APT28.
Read our research team's deep dive blog on this malware here: https://www.cylance.com/en_us/blog/cylance-vs-apt28-vba-malware.html