Russian APT29 Exploits Gmail App Passwords to Bypass 2FA in Targeted Phishing Campaign
Threat actors suspected to be Russian are using a novel social engineering tactic to gain access to victims’ email accounts. The tactic involves impersonating the U.S. Department of State and convincing targets to set up application-specific passwords, which the attackers then use to establish persistent access to the victim’s mailbox. The attacks are meticulously planned and executed, often spanning several weeks as the attackers build rapport with their targets.