Russian state-sponsored hackers, UNC6293, are bypassing multi-factor authentication by using social engineering to trick targets into sharing app-specific passwords, granting them access to Gmail accounts. This sophisticated campaign targets high-profile individuals, including academics and government critics, emphasizing the importance of advanced security measures. #UNC6293 #APT29 #GoogleThreatIntel
Keypoints
- Hackers impersonate U.S. State Department officials to deceive targets.
- The campaign involves creating and sharing app-specific passwords to access Gmail accounts.
- Threat actor UNC6293 is believed to be associated with Russiaβs SVR and APT29 group.
- The attacks utilize carefully crafted phishing emails and fake identities.
- Google recommends using its Advanced Protection Program to mitigate such threats.