Kazakhstan’s national oil company KazMunayGas dismisses claims of a Russian-linked cyber attack, stating it was part of a scheduled internal phishing simulation. The controversy highlights the challenges in distinguishing between cyber threats and internal security exercises. #NoisyBear #KazMunayGas
Keypoints
- KazMunayGas conducted a planned internal phishing exercise in May 2025.
- Seqrite Labs linked the phishing activity to the Russian-speaking group NoisyBear.
- Attackers used compromised employee inboxes to send malicious emails disguised as corporate notices.
- Seqrite associated the attack infrastructure with the sanctioned provider Aeza Group, linked to Russia.
- The company clarified that the incident was part of a security awareness test, not an actual attack.
Read More: https://therecord.media/kazakstan-oil-company-kazmunaygas-phishing-simulation-not-cyberattack