FireEye has identified a group of state-backed hackers the company says is responsible for a new advanced persistent threat that is designed to evade detection.
FireEye said Wednesday the APT29 group behind the Hammertoss malware originates from Russia and is supported by the Kremlin.
“The novel approach APT29 takes to carry out its attacks and maintain their persistence in networks represents a level of difficulty that security professionals could see trickle down into their own network security operations,” said Laura Galante, director of threat intelligence at FireEye.
APT29 uses steganography, cloud storage and social media to evade network defense measures, according to FireEye's report.
“As we continue to track APT29, we will be able to bring more intelligence to light that will help our customers improve their defenses against advanced attacks,” Galante added.