Russian-linked hackers attacked foreign diplomats in Ukraine using BMW ads – Kommersant

Russia-linked hackers gained access to the data of foreign diplomats in Ukraine through an advertisement for the sale of a BMW car, reports Reuters citing own sources. The attack was directed against diplomats working in at least 22 of the approximately 80 foreign missions in the Ukrainian capital.

According to Reuters sources, the hacker group APT29 (its other name is “Cozy Bear”), allegedly cooperating with the Russian Foreign Intelligence Service, was involved in the attack.

According to the agency, in mid-April 2023, a diplomat from the Polish Foreign Ministry sent an email to other diplomatic missions operating in Ukraine with an advertisement for the sale of a used BMW 5-series sedan. Subsequently, the hacker group intercepted and copied this ad, injected it with malware, and then sent it to dozens of other foreign diplomats in Kyiv. The software was disguised as an album of photos of a used car, and the hackers also lowered the price of the car in the ad. When trying to open an ad, a computer or any other gadget was infected with malware.

It is not specified which of the diplomats became the victim of a cyber attack, and none of the representatives of the embassies provided official comments to the publication. The US State Department said it was aware of the information about the attack, but none of the US diplomats were injured as a result of it.

Alexander Kislov