A U.S. security firm on Monday said a Russian hacker group is likely responsible for a phishing campaign that used emails to impersonate a State Department employee.
FireEye researchers tied the spear phishing campaign to APT29, a group often referred to as “Cozy Bear.” The hackers were targeting U.S. think tanks, the military, federal government and law enforcement, among other sectors, the security firm said in a blog post.
Monday’s finding comes just days after FireEye and another U.S. cybersecurity firm, CrowdStrike, publicly confirmed the phishing campaign.