you had a look at the malware and the C2 infrastructure and you think that it doesn't suggest Russian involvement?
-
-
Replying to @headhntr @ErrataRob
That's not the issue. It could be Russians or Russia-speaking hackers and not be the GRU or FSB.
1 reply 4 retweets 7 likes -
Replying to @jeffreycarr @ErrataRob
I'll admit it's possible APT 29 isn't Russian gov. Last leg attribution can be pretty hairy.pic.twitter.com/yYMVzoSNOV
4 replies 3 retweets 3 likes -
Replying to @headhntr
Isn't APT28 the more interesting question given the Guccifer to WL claims?
@jeffreycarr@ErrataRob2 replies 2 retweets 2 likes -
too quick! Not enough room in one tweet for multiple APT groups :)
1 reply 0 retweets 1 like -
Replying to @headhntr
Sure. But I want smart indy people to focus on the APT28 question bc APT29 is irrelevant given CS claims
@jeffreycarr@ErrataRob1 reply 1 retweet 1 like -
sofacy (APT28) has long been suspected of Russian state links, and was linked to Bundestag hack etc
1 reply 2 retweets 1 like -
Replying to @headhntr @emptywheel and
in CS words, not mine:pic.twitter.com/3kDi7op8oL
2 replies 3 retweets 1 like -
Replying to @headhntr
Which promptly leads to the "how is this a military target?" FSB makes more sense for sabotage.
@jeffreycarr@ErrataRob1 reply 2 retweets 2 likes -
Sofacy attack a lot more than military targets: https://en.wikipedia.org/wiki/Sofacy_Group …
2 replies 2 retweets 1 like
I was partly pointing out how stupid the CS report is from a logic standpoint. As is ThreatConnect. @jeffreycarr @ErrataRob
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.