Targeting of Polish government organizations with Follina vulnerability
Date of report
  • November 2023
In 2022, APT 28 distributed malicious files claiming to provide an update on potential nuclear terrorism, which utilized the Follina vulnerability in the Microsoft support tool to break into the victim’s system. Ukraine’s cybersecurity agency reported on a similar campaign in 2022.
Suspected victims
  • Polish government agencies
Suspected state sponsor
  • Poland
Type of incident
  • Espionage
Target category
  • Government
Victim government reaction
  • Unknown
Policy response
Suspected state sponsor response