{"id":38757,"date":"2020-12-17T16:26:45","date_gmt":"2020-12-17T16:26:45","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/31857\/How-Suspected-Russian-Hackers-Outed-Their-Massive-Cyberattack.html"},"modified":"2020-12-17T16:26:45","modified_gmt":"2020-12-17T16:26:45","slug":"how-suspected-russian-hackers-outed-their-massive-cyberattack","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/how-suspected-russian-hackers-outed-their-massive-cyberattack\/","title":{"rendered":"How Suspected Russian Hackers Outed Their Massive Cyberattack"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/static.politico.com\/29\/ad\/7cfd56b74ae8896c55205e58f3ba\/ap20343810689810.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p class=\" story-text__paragraph\">Two congressional staffers briefed on the intrusion said FireEye representatives, who met with multiple lawmakers and their staffers this week to discuss the hack, disclosed a potentially embarrassing detail: that the hackers had exploited a security feature called two-factor authentication to gain access to FireEye\u2019s network by duping an employee into revealing his or her credentials.<\/p>\n<p class=\" story-text__paragraph\">In a 2016 blog post, <a href=\"https:\/\/www.fireeye.com\/blog\/threat-research\/2016\/03\/99_problems_but_two-.html\" target=\"_blank\" rel=\"noopener noreferrer\">FireEye laid out how such an attack might be carried out<\/a>, noting that while \u201ctwo-factor authentication is a best practice for securing remote access, it is also a Holy Grail for a motivated red team\u201d \u2014 a reference to security professionals hired to find clients\u2019 weak points \u2014 who can \u201cuse the most straightforward method to acquire the credentials we need: ask the victim to enter them for us. 
The perfect trap happens to be the simplest to set.\u201d<\/p>\n<p class=\" story-text__paragraph\">Asked for comment, however, FireEye officials denied the congressional staffers\u2019 account, insisting that none of its employees were tricked and that the company caught the breach when the hackers tried to register a new device on FireEye\u2019s system. A spokesperson also reiterated that the SolarWinds compromise was itself the source of the attack against FireEye.<\/p>\n<p class=\" story-text__paragraph\">\u201cWe initially detected the incident because we saw a suspicious authentication to our VPN solution,\u201d said Charles Carmakal, senior vice president and chief technology officer at Mandiant, FireEye\u2019s incident response arm. \u201cThe attacker was able to enroll a device into our multi-factor authentication solution, and that generates an alert which we then followed up on.\u201d<\/p>\n<p class=\" story-text__paragraph\">A FireEye spokesperson later added: \u201cThere is a fundamental misunderstanding of how this attack unfolded. We determined the SolarWinds compromise was the original vector for the attack against FireEye. The cause of FireEye&#8217;s security incident was not a result of an employee being duped or tricked into typing credentials onto a login page; and at no time did we say anything of the sort to Congress or otherwise.\u201d<\/p>\n<p class=\" story-text__paragraph\">The details surrounding the intrusion on FireEye were one revelation from Capitol Hill briefings on <a href=\"https:\/\/www.politico.com\/news\/2020\/12\/14\/massively-disruptive-cyber-crisis-engulfs-multiple-agencies-445376\" target=\"_blank\" rel=\"noopener noreferrer\">the company\u2019s investigation into the massive hack<\/a>, which officials have said may be the most consequential breach of U.S. 
government networks in five to six years.<\/p>\n<p class=\" story-text__paragraph\">Federal officials and FireEye have said the attackers carried out the stealthy breach of the U.S. government after embedding malicious code into the software updates that SolarWinds offers to its tens of thousands of clients. Nearly 18,000 organizations received the infected code, <a href=\"https:\/\/www.sec.gov\/ix?doc=\/Archives\/edgar\/data\/1739942\/000162828020017451\/swi-20201214.htm\" target=\"_blank\" rel=\"noopener noreferrer\">SolarWinds said this week in a Securities and Exchange Commission filing<\/a>.<\/p>\n<p class=\" story-text__paragraph\">But the hackers essentially pushed their luck after gaining access to FireEye. They attempted to burrow deeper into the firm by registering one of their devices with the company&#8217;s network, which in theory would let them rummage around more without being detected, people familiar with the matter said.<\/p>\n<p class=\" story-text__paragraph\">After discovering the intrusion, FireEye announced earlier this month that sophisticated hackers with \u201cworld-class capabilities\u201d had breached its systems and stolen the tools it uses to simulate cyberattacks against its clients. 
That triggered a broader search for signs of tampering at other companies and government agencies, given how widely SolarWinds\u2019 software is used.<\/p>\n<p class=\" story-text__paragraph\">It wasn\u2019t immediately clear how much time passed between the FireEye intrusion and the discovery of the broader hacking scheme.<\/p>\n<p class=\" story-text__paragraph\">At least four agencies briefed the House and Senate intelligence committees on Wednesday about the government\u2019s response, including the FBI, National Security Agency, the Office of the Director of National Intelligence and the Cybersecurity and Infrastructure Security Agency.<\/p>\n<p class=\" story-text__paragraph\">\u201cThe seriousness and duration of this attack demonstrate that we still have enormous and urgent work to do to defend our critical information and networks, that we must move quicker than our adversaries do to adapt,\u201d House Intelligence Chair Adam Schiff (D-Calif.) said in a statement.<\/p>\n<p class=\" story-text__paragraph\">Administration officials separately briefed members of the Senate Armed Services Committee about the cyberattack on Tuesday and Wednesday as part of previously scheduled cyber-focused meetings with senators.<\/p>\n<p class=\" story-text__paragraph\">Sen. Jim Inhofe (R-Okla.), the panel\u2019s chair, expressed alarm that the breach \u201caffects both the government and the private sector,\u201d while Sen. Richard Blumenthal (D-Conn.), a committee member, is pushing for officials to declassify information about the attack.<\/p>\n<p class=\" story-text__paragraph\">During Wednesday morning\u2019s briefing, Blumenthal pressed officials to explain why the briefing was classified.<\/p>\n<p class=\" story-text__paragraph\">\u201cThe American people deserve to know. 
All of this stuff should be unclassified,\u201d Blumenthal said in an interview, adding that members of his staff have been in touch directly with FireEye employees. \u201cI\u2019m going to make public whatever I can.\u201d<\/p>\n<p class=\" story-text__paragraph\">Senate Intelligence Chair Marco Rubio (R-Fla.), who was briefed this week on the matter, declined to discuss details of the breach but said he might be able to elaborate \u201cin the next couple days.\u201d<\/p>\n<p class=\" story-text__paragraph\">\u201cI just think there\u2019s more information to be gathered here,\u201d Rubio said. \u201cWe should know more soon. Everyone cares about it.\u201d<\/p>\n<p class=\" story-text__paragraph\">Rubio\u2019s counterpart on the committee, Vice Chair Mark Warner (D-Va.), said the government is \u201cstill assessing the extent of the penetration,\u201d but lamented that \u201cthe current president of the United States has not said a word about this.\u201d<\/p>\n<p class=\" story-text__paragraph\">Despite the series of briefings, there are signs that the White House was trying to muzzle top officials seeking to fill in lawmakers on what they know.<\/p>\n<p class=\" story-text__paragraph\">During a National Security Council meeting on Tuesday night, national security leaders were instructed not to reach out to Capitol Hill for briefings on the massive hack without explicit approval from the White House or ODNI, according to people familiar with the episode.<\/p>\n<p class=\" story-text__paragraph\">A spokesperson for the National Security Council did not respond to a request for comment.<\/p>\n<p class=\" story-text__paragraph\">The agencies are still scrambling to assess the full scope of the breaches, which \u201cblindsided\u201d them, according to one person familiar with the reactions. 
<a href=\"https:\/\/www.politico.com\/news\/2020\/12\/14\/massively-disruptive-cyber-crisis-engulfs-multiple-agencies-445376\" target=\"_blank\" rel=\"noopener noreferrer\">The National Security Council\u2019s Cyber Response Group met on Monday<\/a> to begin formulating a plan for assessing the damage. The hackers may have gained access to agency email accounts as far back as June, but as of now are not believed to have accessed classified information.<\/p>\n<p class=\" story-text__paragraph\"><i>Eric Geller and Kyle Cheney contributed to this report.<\/i><\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/31857\/How-Suspected-Russian-Hackers-Outed-Their-Massive-Cyberattack.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":38758,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[9103],"class_list":["post-38757","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackergovernmentrussiacyberwarbackdoor"]}