Russian threat actor the Dukes ran a phishing campaign posing as various European embassies and sending fake Google Calendar invites that redirected those who clicked on the invite to malicious documents. The operation’s goal appears to be to steal documents related to the Ukraine war.
- Government agencies and diplomats associated with NATO and the European Union
Suspected state sponsor
- Russian Federation
Type of incident