Hack attacks on the infrastructure of NATO countries

Criptovalute: ecco come gli hacker truffano sui contratti smart thumbnail

The dramatic geopolitical situation in Ukraine continues to have implications in Europe, with more and more cybercriminal activity targeting Western infrastructure. A recent search of Proofpoint highlights new hacker attacks aimed at European countries that join NATO. Specifically, the experts report the activities of a group called TA473which exploits a Zimbra vulnerability to target the webmail portals of major European governments.

The researchers explain that TA473 is an Advanced Persistent Threat (APT) actor that exploits Zimbra’s CVE-2022-27926 vulnerability to hack Zimbra-hosted webmail portals. Proofpoint’s report suggests that the goal of this activity is gain access to emails from military, government and diplomatic organizations in Europe involved in the Russian-Ukrainian war.

How the TA473 hacker attacks on NATO countries work

After an initial reconnaissance, the hackers organize phishing attacks via email, posing as harmless and significant government resources. As is often the case with phishing emails, the message contains a Malicious URL. This, when clicked, executes a JavaScript payload within the victims’ webmail portals.

Enabling custom and labor-intensive payloads allow hackers to steal usernames, passwords, and store active session tokens and CSRFs from cookies, facilitating access to public webmail portals belonging to NATO-aligned organizations.

Proofpoint researchers recently promoted TA473 to a publicly tracked threat actor. Known in open-source research as Winter Vivern, Proofpoint has been tracking its activities since at least 2021.

  • Mark Brunasso

    Writing is my passion, music is my life and Liam Gallagher my God. Otherwise I’m 30 and a musician, singer and songwriter. Here I mainly write about music and videogames, but everything that has to do with the creation of parallel worlds fascinates me. 🌋From Pompeii with love.🧡

    View all articles

Walker Ronnie is a tech writer who keeps you informed on the latest developments in the world of technology. With a keen interest in all things tech-related, Walker shares insights and updates on new gadgets, innovative advancements, and digital trends. Stay connected with Walker to stay ahead in the ever-evolving world of technology.