Infrastructure Patterns Lead to More Than 30 Active APT29 C2 Servers
released on 2021-08-03 @ 09:29:04 AM
Russian cyber-espionage group APT29 (The Dukes, Yttrium, Cozy Bear) is actively serving malware previously used in an espionage campaign in the UK, US and Canada. The malware used in that campaign, known as WellMess and WellMail, has been attributed to APT29.