Menu
Russian cyberspies targeted punk rock band Pussy Riot

Russian cyberspies targeted punk rock band Pussy Riot

Pawn Storm, known for international spying, also targets Russians, Trend Micro said

A closely watched band of suspected Russian hackers have spied on domestic targets, including two members of the outspoken punk rock band Pussy Riot.

Trend Micro said the group, which it refers to as Pawn Storm, has also targeted a software developer in Russia, politicians, artists and journalists in the country.

“Pawn Storm’s targets have mostly been external political entities outside of Russia, but after our analysis we found that a great deal of targets can actually be found within the country’s borders,” wrote Feike Hacquebord, a Trend Micro threat researcher, in a blog post on Tuesday.

Trend came to its conclusion by studying phishing campaigns conducted by Pawn Storm. The group distributes its malware through emails which seek to trick users into clicking on malicious files or links.

It analyzed 12,000 phishing attacks, which sought to steal login credentials, from 2014 and this year. That made it possible “to derive reliable statistics on Pawn Storm targets worldwide,” Hacquebord wrote.

Other security companies, including FireEye, have kept an eye on Pawn Storm over the years. FireEye, which named it APT (advanced persistent threat) 28, said in October it suspected the group was in Russia.

FireEye said much of the group’s malware was set to a Russian language setting, and its working patterns adhered to business hours in Moscow.

Pawn Storm has been active for at least seven years and in the past has focused on geopolitical targets relating to the Caucasus region, Europe and its neighbor, Georgia.

Hacquebord wrote the latest analysis showed two members of the band Pussy Riot have been targeted, as well as a popular Russian rock star.

Russia imprisoned three members of Pussy Riot after they staged an impromptu performance in a Moscow church in early 2012. The group has been highly critical of the Russian government, and their sentences drew worldwide condemnation.

In one another instance, Pawn Storm targeted an active Russian military attache working in a NATO county, which “makes the spies’ motivations even more intriguing,” Hacquebord wrote.

The locations of the top three most targeted people were Ukraine, followed by the U.S. and U.K. In the U.S., Pawn Storm typically pursues the country’s military and affiliated defense companies although it is also interested in energy research, think tanks and academics, he wrote.

Last month, the group attacked high-profile people who use Yahoo’s free email system. The phishing emails were written as if they were notifications from Yahoo for an opt-in program that would improve the deliverability of their email, Hacquebord wrote.

But if users clicked on the link in the email, they unknowingly granted access to their accounts to the attackers using OAuth. OAuth is a protocol for logging into other services using account credentials from another.

“When Yahoo users would opt in, Pawn Storm would get unfettered access to the mailbox,” he wrote.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags punk rockcyberspiestrend microsecurityPawn StormPussy Riot

Slideshows

Top 50 defining moments of the New Zealand channel in 2016

Top 50 defining moments of the New Zealand channel in 2016

Reseller News looks back on a tumultuous 12 months for the New Zealand channel, assessing the fallout from a year of sizeable industry change. Whether it be local or global mergers and acquisitions, distribution deals or job changes, the channel that started the year differs somewhat to the one set to finish it - Reseller News assesses the key moments that made 2016.​

Top 50 defining moments of the New Zealand channel in 2016
​Hewlett Packard Enterprise honours high achieving NZ channel

​Hewlett Packard Enterprise honours high achieving NZ channel

Hewlett Packard Enterprise honoured its top performing Kiwi partners at the second running of its HPE Partner Awards in New Zealand, held at a glitzy ceremony in Auckland. Recognising excellence across eight categories - from distributors to resellers - the tech giant celebrated its first year as a standalone company, following its official split from HP in 2015.

​Hewlett Packard Enterprise honours high achieving NZ channel
Nutanix treats channel partners to Christmas cruise

Nutanix treats channel partners to Christmas cruise

Nutanix recently took to the seas for a Christmas Cruise around Sydney Harbour with its Australia and New Zealand staff, customers and partners to celebrate a stellar year for the vendor. With the sun out, they were all smiles and mingled over drinks and food.

Nutanix treats channel partners to Christmas cruise
Show Comments