Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » EvilToss and Sourface hacker crew 'likely' backed by Kremlin

EvilToss and Sourface hacker crew 'likely' backed by Kremlin


The Register - (International) FireEye released a report on an advanced persistent threat (APT) actor dubbed APT28 stating that the group used the Sourface downloader and Chopstick and EvilToss malware to attack NATO, Eastern European governments, European defense industry events, the World Bank, and other national and international organizations. The researchers stated that APT28 has been active since 2007 and was likely backed by the Russian government.


Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at:

Last Updated: 27 May 2016 10:22:17