Russia-based hackers recently targeted attacks against European embassies based across the globe. The hackers used malicious email attachments, which were disguised as "top secret" US government documents, to gain full access to their victims' systems. 

The malware used by the cybercriminals is designed to weaponize TeamViewer - the popular remote access sharing software.  According to researchers at Check Point, who discovered the attack, the Russian hackers targeted European embassies based in Nepal, Kenya, Guyana, Italy, Lebanon, Liberia and Bermuda. 

Given that the campaign specifically targeted individuals in governemnt revenue departments, Check Point security experts suggest that the motive of the attackers may be financial. The researchers were also able to identify a Russian-speaking cybercriminal, who they believe, was in charge of all the hacking tools crafted for and deployed in this campaign.

The cybercriminal, who goes by the pseudonym "EvaPiks" on several underground cybercrime forums, appears to have been careless enough to have left a trail of digital breadcrumbs that led to Check Point's researchers uncovering his/her online history and persona. This suggests that the attackers may not possess the advanced skill sets that are common among the perpetrators of high-profile cyber-espionage campaigns. 

"On the one hand, from the findings we have described, this appears to be a well thought-out attack that carefully selects a handful of victims and uses tailored decoy content to match the interests of its target audience," Check Point researchers said. "On the other hand, some aspects of this attack were carried out with less caution, and have exposed details that are usually well disguised in similar campaigns, such as the personal information and online history of the perpetrator, as well as the outreach of their malicious activity."