Dozens of active Cozy Bear C2 servers for data-stealing malware identified

clock • 2 min read

WellMess and WellMail malware strains have been used in espionage campaigns targeting Covid-19 research

Researchers from RiskIQ's Team Atlas claim to have uncovered more than 30 active command-and-control (C2) servers that are being used by Russia-backed advanced persistent threat group APT29 in an a...

To continue reading this article...

Join Computing

  • Unlimited access to real-time news, analysis and opinion from the technology industry
  • Receive important and breaking news in our daily newsletter
  • Be the first to hear about our events and awards programmes
  • Join live member only interviews with IT leaders at the ‘IT Lounge’; your chance to ask your burning tech questions and have them answered
  • Access to the Computing Delta hub providing market intelligence and research
  • Receive our members-only newsletter with exclusive opinion pieces from senior IT Leaders

Join now

 

Already a Computing member?

Login

You may also like
Microsoft says source code stolen in Russian hacking escalation

Hacking

Customers may have been affected

clock 11 March 2024 • 2 min read
Russian hackers exploit Ubiquiti routers in covert cyberattacks, FBI warns

Threats and Risks

Routers will not auto update firmware unless configured to do so

clock 03 March 2024 • 2 min read
US charges two Russian nationals in LockBit ransomware case amid global crackdown

Law

The indictments coincide with a significant takedown of LockBit in a joint operation by US, UK, and other international law enforcement agencies

clock 21 February 2024 • 3 min read
Most read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Threats and Risks

Microsoft Patch Tuesday fixes two critical bugs

Microsoft Patch Tuesday fixes two critical bugs

Microsoft fixed 60 vulnerabilities, including 18 remote code execution flaws in its March Patch Tuesday update.

John Leonard
clock 13 March 2024 • 3 min read
Lazarus uploading malware to open-source PyPl software repository

Lazarus uploading malware to open-source PyPl software repository

Supply chain attack leaves developers in Asia at particular risk

clock 12 March 2024 • 3 min read
Patch VMware vulnerabilities, admins urged

Patch VMware vulnerabilities, admins urged

ESXi, Workstation Pro/Player, Fusion Pro/Fusion and Cloud Foundation affected

John Leonard
clock 07 March 2024 • 1 min read