In July last year, government agencies from the U.S., U.K., and Canada, said that APT29 was “almost certainly” part of the Russian intelligence services and accused it of hacking organizations involved in the development of the Covid-19 vaccine and stealing intellectual property. The same group was also allegedly involved in the 2016 hack on the Democratic National Committee and the breach of SolarWinds, which was disclosed last year, according to U.S. officials. The Russian embassy in Washington referred to an earlier statement, in which it urged journalists to stop “sweeping accusations” and said it was confident that discussions with the U.S. related to cyberspace would “improve the security of the information infrastructure of our countries.”
Security researchers say they have uncovered an ongoing hacking campaign carried out by suspected Russian spies who are continuing to stage attacks amid U.S. pressure on the Kremlin to curtail its alleged cyber-intrusions. From a report: The California-based cybersecurity firm RiskIQ Inc. said in a report released on Friday that it had uncovered more than 30 command and control servers — used by cybercriminals to send orders to compromised networks or receive stolen data — associated with the state-sponsored hacking group, which is known as APT29 or Cozy Bear. The group is using the servers to deploy malicious software named WellMess, according to RiskIQ. APT stands for “advanced persistent threat,” and is a term often used to describe state-sponsored hacking groups.