Microsoft Says Russia’s FSB Hacked Foreign Embassies in Moscow

Microsoft reported that Russia’s Federal Security Service conducted a cyberespionage campaign targeting foreign embassies in Moscow.



Microsoft identified the threat actor as a hacking group known as Secret Blizzard or Turla.

Microsoft stated that the campaign has been ongoing since at least 2024.

Microsoft confirmed that the espionage operations began in February 2025.



Microsoft explained that the campaign used Internet Service Provider (ISP) level access in Moscow.

Microsoft researchers said that the threat actor employed adversary-in-the-middle techniques.

Microsoft described how the attackers installed custom malware called ApolloShadow.

Microsoft reported that the malware disabled TLS/SSL encryption to enable plaintext interception.



Microsoft disclosed that the attackers disguised ApolloShadow as a Kaspersky security update installer.

Microsoft noted that the attackers used Russia’s SORM intercept system in conjunction with ISP control.

Microsoft warned that the espionage poses a high risk to foreign embassies and diplomatic entities operating in Moscow.

Microsoft advised that entities relying on local internet providers in Russia are highly likely to be targeted.

Microsoft recommended that diplomatic entities use a VPN or satellite connections to avoid ISP-level interception.

