![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZzgasU5_k22Ja5r4lVhmS2YKf-b0Yg8QaVZPrWHMRRJaf_ss_0JmXT9SO9weYVxJT8WnJzrGyj49AUGS1tSKv52FD-a-cnUmlyvTZSxm5zxYNkziYBgaQpdKX5oGYsI_u8vgTPZygftOG5CnXu5fXGhN8DBFYoQDL9WiJ4UpIMszRm-WUEq-7gYH39KTb/s1600/germn.jpg)
An ongoing campaign targeting ministries of foreign affairs of NATO-aligned countries points to the involvement of Russian threat actors.
The phishing attacks feature PDF documents with diplomatic lures, some of which are disguised as coming from Germany, to deliver a variant of a malware called Duke, which has been attributed to APT29 (aka BlueBravo, Cloaked Ursa, Cozy Bear, Iron Hemlock,
Source:: The Hackers News