Secret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow Embassies
Secret Blizzard, a Russian nation-state threat actor, is conducting a cyber espionage campaign against foreign embassies in Moscow using ISP-level adversary-in-the-middle (AitM) attacks. The group is deploying custom malware called ApolloShadow, which can install a trusted root certificate.