Russian APT Phishes Kazakh Gov’t for Strategic Intel

A suspected Russia-linked threat actor, UAC-0063, is executing spear phishing attacks against diplomatic entities in Kazakhstan, aiming to collect strategic intelligence. The campaign, active since at least 2022, utilizes legitimate diplomatic documents, likely obtained from Kazakhstan’s Ministry of Foreign Affairs, to lure targets into enabling malicious macros. This cyber espionage aligns with Russia’s broader efforts to gain insights into Kazakhstan’s strategic interests, particularly its growing ties with Western states and China.