Targeting of European government agencies and diplomats

Date of report

April 2023

Affiliations

The Dukes

Russian threat actor the Dukes ran a phishing campaign posing as various European embassies and sending fake Google Calendar invites that redirected those who clicked on the invite to malicious documents. The operation’s goal appears to be to steal documents related to the Ukraine war.

Suspected victims

Government agencies and diplomats associated with NATO and the European Union

Suspected state sponsor

Russian Federation

Type of incident

Espionage

Target category

Government

Victim government reaction

Policy response

Confirmation

Suspected state sponsor response

Unknown

Espionage campaign linked to Russian intelligence services

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events