Fancy Bear's NotDoor: Hijacking Outlook for NATO Espionage via OneDrive Side-Loading
Medium
APT, Campaign, Malware
Persistence
EDR


The Russian-linked Fancy Bear (aka APT28) has unleashed NotDoor, a high-stakes espionage campaign targeting NATO member countries. By side-loading through the trusted OneDrive application, the attackers silently modify the Windows registry to disable security alerts and force malicious macros to run automatically, turning Outlook into a covert Command and Control (C2) channel.
