Cozy Bear, classified by the U.S. as advanced persistent threat APT29, is a Russian hacker group believed to be associated with one or more intelligence agencies of Russia.
In June 2016, Cozy Bear was implicated alongside the hacker group Fancy Bear in the Democratic National Committee cyber attacks. While the two groups were both present in the DNC’s servers at the same time, they appeared to be unaware of each other, each independently stealing the same passwords and otherwise duplicating their efforts. A CrowdStrike forensic team determined that while Cozy Bear had been on the DNC’s network for over a year, Fancy Bear had only been there a few weeks. Cozy Bear’s more sophisticated tradecraft and interest in traditional long-term espionage suggest that the group originates from a separate Russian intelligence agency.
December 22, 2020