Microsoft Alerts on APT28's 'GooseEgg' Hack Targeting Windows Vulnerabilities

April 24, 2024
Microsoft Alerts on APT28's 'GooseEgg' Hack Targeting Windows Vulnerabilities
  • Microsoft warns of the Russian APT28 (Fancy Bear) using a new hacking tool called GooseEgg.

  • GooseEgg exploits a vulnerability in the Windows Print Spooler to escalate privileges and steal credentials.

  • APT28 is affiliated with Russia's GRU and uses GooseEgg to gain SYSTEM-level access and deploy additional malware.

  • The hacking tool is spread through Windows batch scripts and maintains persistence via scheduled tasks.

  • APT28 has targeted government, NGO, education, and transportation organizations with GooseEgg after initial compromise.

  • Microsoft's alert underscores the continued risk from APT28 and the critical need for patching security vulnerabilities.

Summary based on 9 sources


Get a daily email with more Tech stories

Related Stories