Advanced attacks identified by security researchers
The IT security company Check Point Software warns of an ongoing wave of targeted phishing attacks identified by the company's research team at Check Point Research. Since the beginning of the year, attacks have targeted public officials across Europe, with attackers using advanced techniques that are strongly reminiscent of previous methods linked to the Russian cybercriminal group APT29.

APT29 – a well-known actor in cyber espionage
APT29, also known as Midnight Blizzard or Cozy Bear, has previously carried out several organized cyberattacks against government institutions and other high-profile targets. The group is known for using sophisticated and customized malicious code in its attacks. campaigns.
The “Wineloader” phishing campaign
In its latest wave of attacks, it claims to be APT29 to represent a foreign ministry from a major European country and sends out misleading emails inviting recipients to wine tasting events. The campaign goes by the name Wineloader and specifically targets diplomats and public sector personnel in Europe. The emails contain malicious links which either download a backdoor or lead to fake websites. All emails have been sent from two domains designed to appear to belong to a State Department, making it difficult to detect that it is a phishing attempt.
Increased difficulty in identifying threats
– Phishing is often an underestimated type of attack by many, says Fredrik Sandström, security expert at Check Point Software. In the past, it was quite easy to detect a phishing attempt, but it is becoming increasingly difficult when cybercriminals develop their strategies. Today they create customized emails that, for that human eye, are almost impossible to distinguish from legitimate ones.
Security recommendations for the public sector
Check Point Software urges organizations to raise awareness around this type of threat, especially in the public sector, and to implement strong security procedures to prevent future breaches.
For more information, read Check Point Software blog:
👉 Unmasking APT29 – The Sophisticated Phishing Campaign Targeting European Diplomacy








