Russian hackers ‘Fancy Bear’ now targeting governments with rootkit malware

Zack Whittaker reports:

Security researchers say that they have found evidence that for the first time Russia-backed hackers are now using a more sophisticated type of malware to target government entities.

ESET presented its case Thursday that the hacker group, known as Fancy Bear (or APT28), is using rootkit malware to target its victims. That marks an escalation in tactics, which the researchers say the group’s hacking capabilities “may be even more dangerous than previously thought.”

Although the researchers would not name the targeted governments, they said that the hackers were active in targeting the Balkans and some central and eastern European countries.

Read more on TechCrunch.

Related:  LoJax: First UEFI rootkit found in the wild, courtesy of the Sednit group

About the author: Dissent