From therecord.media
The Russian cyber-espionage group known as Gamaredon may have been behind a phishing attack on Latviaโs Ministry of Defense last week, the ministry told The Record on Friday.
Hackers sent malicious emails to several employees of the ministry, pretending to be Ukrainian government officials. The attempted cyberattack was unsuccessful, the ministry added.
The sample of the malicious email was first shared on Twitter by French cybersecurity company Sekoia.io this week.
Last week, #Gamaredon ๐ท๐บ intrusion set likely impersonated the ๐บ๐ฆ MoD to target the ๐ฑ๐ป MoD by using #spearphishing with the following infection chain: HTMLSmuggling -> ZIP -> LNK -> HTA. They used the already flagged #Gamaredon domain name admou[.]org to send their email.