UK ties GRU to stealthy Microsoft 365 credential-stealing malware

Threat Level

79% BleepingComputer 3 hours ago

UK ties GRU to stealthy Microsoft 365 credential-stealing malware Bill Toulas July 18, 2025 03:39 PM 0 The UK National Cyber Security Centre (NCSC) has formally attributed ‘Authentic Antics’ espionage malware attacks to APT28 (Fancy Bear), a threat actor already linked to Russia’s military intelligence service (GRU). The NCSC revealed in a detailed technical analysis of the Authentic Antics malware dated May 6th that it is stealing credentials and OAuth 2.0 tokens that allow access to a target's...

Continue Reading on Original Site

Threat Intelligence

APT Groups 1

APT28

Ransomware 5

First Sanctions Storm Unknown Zlader

Attack Types 2

Phishing Ransomware

MITRE ATT&CK 1

Phishing

Business Intelligence

Companies 1

Microsoft

Agencies 4

GCHQ GRU NCSC National Cyber Security Centre

Countries 1

Russia

Platforms 2

Microsoft 365 SharePoint

Information

Article ID: #3836
Published: 3 hours ago
Source: BleepingComputer

UK ties GRU to stealthy Microsoft 365 credential-stealing malware

Recommended Articles

Novel malware from Russia’s APT28 prompts LLMs to create malicious Windows commands

Russian alcohol retailer WineLab closes stores after ransomware attack

Arch Linux pulls AUR packages that installed Chaos RAT malware

Botnet Abuses GitHub Repositories to Spread Malware

Sophos Intercept X for Windows Vulnerabilities Enable Arbitrary Code Execution

Recommended Articles

Novel malware from Russia’s APT28 prompts LLMs to create malicious Windows commands

Russian alcohol retailer WineLab closes stores after ransomware attack

Arch Linux pulls AUR packages that installed Chaos RAT malware

Botnet Abuses GitHub Repositories to Spread Malware

Sophos Intercept X for Windows Vulnerabilities Enable Arbitrary Code Execution

Save to Folder

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies