Russian cyber attackers recently targeted a number of embassies in Europe by employing a weaponised version of TeamViewer — a popular remote access service and malware disguised as a top secret US government document, according to media reports.
“They typically emailed the officials Microsoft Excel sheets with malicious macros that appeared to have originated from the United States State Department. Once opened, the hackers were able to gain full control of the infected computer by weaponising the installed TeamViewer software,” The Verge reported late on Monday.
The hackers attacked European embassies in Kenya, Italy, Liberia, Nepal, Guyana, Bermuda and Lebanon, among others.
“While Russian in origin, it’s unlikely that these attacks were state-sponsored. One perpetrator was traced back to a hacking and carding forum and registered under the same username, ‘EvaPiks’ on both.
“‘EvaPiks’ posted instructions on how to carry out this kind of cyber attack on forums and advised other users as well,” the report added.
Check Point Research has pointed out several other similar attack campaigns, including some targeting Russian-speaking victims as well.
Due to the attackers’ background in the illegal carding community, Check Point suggested that they could have been “financially motivated”, the report suggested.