Russian hackers designed an elaborate social engineering scheme to circumvent Gmail's multi-factor authentication (MFA) by posing as US Department of State staff. Focusing on prominent academics and critics of Russia, the attackers sent tailored phishing emails from April to June, encouraging victims to generate app-specific passwords, which gave the attackers unauthorized access to the victims' Gmail accounts. The hacking group, identified as UNC6293, is suspected of being state-sponsored and potentially linked to APT29, which has targeted governmental and research entities since at least 2008. Investigations revealed deceptive email tactics that mimicked official communication, with no evidence of real Department employment.
The hackers bypassed multi-factor authentication by using advanced social engineering tactics, impersonating US Department of State employees to phish app-specific passwords from their targets with personalized messages.
Security researchers have identified the group responsible, UNC6293, as likely linked to APT29, a state-sponsored hacking team associated with Russian intelligence that focuses on high-profile targets.