{"id":70490,"date":"2023-08-18T11:16:48","date_gmt":"2023-08-18T03:16:48","guid":{"rendered":"https:\/\/version-2.com\/?p=70490"},"modified":"2023-08-14T11:19:53","modified_gmt":"2023-08-14T03:19:53","slug":"eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-network-tampering-at-the-isp-level","status":"publish","type":"post","link":"https:\/\/version-2.com\/zh\/2023\/08\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-network-tampering-at-the-isp-level\/","title":{"rendered":"ESET Research discovers MoustachedBouncer targeting European and other diplomats in Belarus via network tampering at the ISP level"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"70490\" class=\"elementor elementor-70490\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-71ae5294 post-content elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"71ae5294\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4a899f&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1e9119cd\" data-id=\"1e9119cd\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4f04f8cb elementor-widget elementor-widget-text-editor\" data-id=\"4f04f8cb\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div id=\"content-c9404452\" class=\"csc-frame csc-frame-default\"><div id=\"content-c9471545\" class=\"csc-frame csc-frame-default\"><ul><li>MoustachedBouncer is a threat group, recently discovered by ESET researchers, which specializes in the espionage of foreign embassies, including European ones, in Belarus. It is very likely aligned with Belarus interests.<\/li><li>The group has been operating since at least 2014 and has used the adversary-in-the-middle (AitM) technique since 2020 to redirect captive portal checks to a Command and Control (C&amp;C) server and deliver spyware.<\/li><li>ESET believes that MoustachedBouncer uses a \u201clawful interception system\u201d to conduct its AitM operations.<\/li><li>Since 2014, the group has been operating a malware framework that we have named NightClub. It uses email protocols for C&amp;C communications. Since 2020, the group has been using, in parallel, a second malware framework that we have named Disco.<\/li><li>NightClub and Disco support additional spying plugins, including a screenshotter, an audio recorder, and a file stealer.<\/li><\/ul><p class=\"bodytext\"><strong>BRATISLAVA, MONTREAL, LAS VEGAS \u2014 August 10, 2023 \u2014<\/strong> ESET Research has discovered a new cyberespionage group, MoustachedBouncer. It is named after its presence in Belarus and is aligned with the interests of the local government. Active since at least 2014, the group targets only foreign embassies, including European ones, in Belarus. Since 2020, MoustachedBouncer has most likely been able to perform adversary-in-the-middle (AitM) attacks at the ISP level, within Belarus, in order to compromise its targets. The group uses two separate toolsets that ESET has named NightClub and Disco. The research was exclusively presented during the Black Hat USA 2023 conference on August 10, 2023, by ESET researcher Matthieu Faou.<\/p><p>According to ESET telemetry, the group targets foreign embassies in Belarus, and ESET has identified four countries whose embassy staff have been targeted: two from Europe, one from South Asia, and one from Africa. ESET assesses that MoustachedBouncer is very likely aligned with Belarus interests and specializes in espionage, specifically against foreign embassies in Belarus. MoustachedBouncer uses advanced techniques for Command and Control (C&amp;C) communications, including network interception at the ISP level for the Disco implant, emails for the NightClub implant, and DNS in one of the NightClub plugins.<\/p><p class=\"bodytext\">While ESET Research tracks MoustachedBouncer as a separate group, we have found elements that make ESET assess with low confidence that it is collaborating with another active espionage group, Winter Vivern, which has targeted government staff of several European countries, including Poland and Ukraine, in 2023.<\/p><p class=\"bodytext\">To compromise their targets, MoustachedBouncer operators tamper with their victims\u2019 internet access, probably at the ISP level, to make Windows believe it\u2019s behind a captive portal. For IP ranges targeted by MoustachedBouncer, network traffic is redirected to a seemingly legitimate, but fake, Windows Update page,\u201d says ESET researcher Matthieu Faou, who discovered the new threat group. \u201cThis adversary-in-the-middle technique occurs only against a few selected organizations, perhaps just embassies, not countrywide. The AitM scenario reminds us of the Turla and StrongPity threat actors, who have trojanized software installers on the fly at the ISP level.\u201d<\/p><p>\u201cWhile the compromise of routers in order to conduct AitM attacks on embassy networks cannot be fully discarded, the presence of lawful interception capabilities in Belarus suggests the traffic mangling is happening at the ISP level rather than on the targets\u2019 routers,\u201d explains the ESET researcher.<\/p><p class=\"bodytext\">Since 2014, the malware families used by MoustachedBouncer have evolved, and a big change happened in 2020, when the group started to use adversary-in-the-middle attacks. MoustachedBouncer operates the two implant families in parallel, but on a given machine, only one is deployed at a time. ESET believes that Disco is used in conjunction with AitM attacks, while NightClub is used for victims where traffic interception at the ISP level isn\u2019t possible because of a mitigation such as the use of an end-to-end encrypted VPN where internet traffic is routed outside of Belarus.<\/p><p>\u201cThe main takeaway is that organizations in foreign countries where the internet cannot be trusted should use an end-to-end encrypted VPN tunnel to a trusted location for all their internet traffic in order to circumvent any network inspection devices. They should also use top-quality, updated computer security software,\u201d advises Faou.<\/p><p>The NightClub implant uses free email services, namely the Czech webmail service Seznam.cz and the Russian Mail.ru webmail provider, to exfiltrate data. ESET believes the attackers created their own email accounts, instead of compromising legitimate ones.<\/p><p>The threat group focuses on stealing files and monitoring drives, including external ones. The capabilities of NightClub also include audio recording, taking screenshots, and logging keystrokes.<\/p><p class=\"bodytext\">For more technical information about MoustachedBouncer, check out the blog post \u201c<a href=\"https:\/\/www.welivesecurity.com\/en\/eset-research\/moustachedbouncer-espionage-against-foreign-diplomats-in-belarus\/\" target=\"_blank\" rel=\"noopener\">MoustachedBouncer: Espionage against foreign diplomats in Belarus<\/a>\u201d on WeLiveSecurity. Make sure to follow <a href=\"https:\/\/twitter.com\/ESETresearch\" target=\"_blank\" rel=\"noopener\">ESET Research on Twitter (X)<\/a> for the latest news from ESET Research.<\/p><p class=\"align-center\"><strong>MoustachedBouncer compromise via AitM scenario<\/strong><\/p><p class=\"align-center\"><strong><img fetchpriority=\"high\" decoding=\"async\" src=\"https:\/\/www.eset.com\/fileadmin\/ESET\/INT\/OG_images\/MoustachedInfo.png\" alt=\"\" width=\"624\" height=\"393\" \/><\/strong><\/p><\/div><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1a1b0f4 elementor-widget elementor-widget-shortcode\" data-id=\"1a1b0f4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18159\" class=\"elementor elementor-18159\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-73b4cd0 elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"73b4cd0\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-8d19c1e\" data-id=\"8d19c1e\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-8865cce elementor-widget elementor-widget-text-editor\" data-id=\"8865cce\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>About ESET<\/strong><br \/>For 30 years, ESET\u00ae has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET\u2019s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24\/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&amp;D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single \u201cin-the-wild\u201d malware without interruption since 2003.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>MoustachedBouncer is a threat group, recently discovere [&hellip;]<\/p>\n","protected":false},"author":149011790,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1075,40,61],"tags":[41,1076],"class_list":["post-70490","post","type-post","status-publish","format-standard","hentry","category-year2023","category-eset","category-press-release","tag-eset","tag-1076"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>ESET Research discovers MoustachedBouncer targeting European and other diplomats in Belarus via network tampering at the ISP level - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\/\" \/>\n<meta property=\"og:locale\" content=\"zh_HK\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"ESET Research discovers MoustachedBouncer targeting European and other diplomats in Belarus via network tampering at the ISP level - Version 2\" \/>\n<meta property=\"og:description\" content=\"MoustachedBouncer is a threat group, recently discovere [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2023-08-18T03:16:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.eset.com\/fileadmin\/ESET\/INT\/OG_images\/MoustachedInfo.png\" \/>\n<meta name=\"author\" content=\"tracylamv2\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"tracylamv2\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9810\u8a08\u95b1\u8b80\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 \u5206\u9418\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/08\\\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-network-tampering-at-the-isp-level\\\/\"},\"author\":{\"name\":\"tracylamv2\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\"},\"headline\":\"ESET Research discovers MoustachedBouncer targeting European and other diplomats in Belarus via network tampering at the ISP level\",\"datePublished\":\"2023-08-18T03:16:48+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/08\\\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-network-tampering-at-the-isp-level\\\/\"},\"wordCount\":783,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.eset.com\\\/fileadmin\\\/ESET\\\/INT\\\/OG_images\\\/MoustachedInfo.png\",\"keywords\":[\"ESET\",\"2023\"],\"articleSection\":[\"2023\",\"ESET\",\"Press Release\"],\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/08\\\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-network-tampering-at-the-isp-level\\\/\",\"url\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\\\/\",\"name\":\"ESET Research discovers MoustachedBouncer targeting European and other diplomats in Belarus via network tampering at the ISP level - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.eset.com\\\/fileadmin\\\/ESET\\\/INT\\\/OG_images\\\/MoustachedInfo.png\",\"datePublished\":\"2023-08-18T03:16:48+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\\\/#breadcrumb\"},\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.eset.com\\\/fileadmin\\\/ESET\\\/INT\\\/OG_images\\\/MoustachedInfo.png\",\"contentUrl\":\"https:\\\/\\\/www.eset.com\\\/fileadmin\\\/ESET\\\/INT\\\/OG_images\\\/MoustachedInfo.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.eset.com\\\/int\\\/about\\\/newsroom\\\/press-releases\\\/research\\\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"ESET Research discovers MoustachedBouncer targeting European and other diplomats in Belarus via network tampering at the ISP level\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-HK\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\",\"name\":\"tracylamv2\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"caption\":\"tracylamv2\"},\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/author\\\/tracylamv2\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"ESET Research discovers MoustachedBouncer targeting European and other diplomats in Belarus via network tampering at the ISP level - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\/","og_locale":"zh_HK","og_type":"article","og_title":"ESET Research discovers MoustachedBouncer targeting European and other diplomats in Belarus via network tampering at the ISP level - Version 2","og_description":"MoustachedBouncer is a threat group, recently discovere [&hellip;]","og_url":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\/","og_site_name":"Version 2","article_published_time":"2023-08-18T03:16:48+00:00","og_image":[{"url":"https:\/\/www.eset.com\/fileadmin\/ESET\/INT\/OG_images\/MoustachedInfo.png","type":"","width":"","height":""}],"author":"tracylamv2","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"tracylamv2","\u9810\u8a08\u95b1\u8b80\u6642\u9593":"6 \u5206\u9418"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/2023\/08\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-network-tampering-at-the-isp-level\/"},"author":{"name":"tracylamv2","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365"},"headline":"ESET Research discovers MoustachedBouncer targeting European and other diplomats in Belarus via network tampering at the ISP level","datePublished":"2023-08-18T03:16:48+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2023\/08\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-network-tampering-at-the-isp-level\/"},"wordCount":783,"commentCount":0,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\/#primaryimage"},"thumbnailUrl":"https:\/\/www.eset.com\/fileadmin\/ESET\/INT\/OG_images\/MoustachedInfo.png","keywords":["ESET","2023"],"articleSection":["2023","ESET","Press Release"],"inLanguage":"zh-HK","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2023\/08\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-network-tampering-at-the-isp-level\/","url":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\/","name":"ESET Research discovers MoustachedBouncer targeting European and other diplomats in Belarus via network tampering at the ISP level - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\/#primaryimage"},"image":{"@id":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\/#primaryimage"},"thumbnailUrl":"https:\/\/www.eset.com\/fileadmin\/ESET\/INT\/OG_images\/MoustachedInfo.png","datePublished":"2023-08-18T03:16:48+00:00","breadcrumb":{"@id":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\/#breadcrumb"},"inLanguage":"zh-HK","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\/"]}]},{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\/#primaryimage","url":"https:\/\/www.eset.com\/fileadmin\/ESET\/INT\/OG_images\/MoustachedInfo.png","contentUrl":"https:\/\/www.eset.com\/fileadmin\/ESET\/INT\/OG_images\/MoustachedInfo.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.eset.com\/int\/about\/newsroom\/press-releases\/research\/eset-research-discovers-moustachedbouncer-targeting-european-and-other-diplomats-in-belarus-via-netw\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/zh\/"},{"@type":"ListItem","position":2,"name":"ESET Research discovers MoustachedBouncer targeting European and other diplomats in Belarus via network tampering at the ISP level"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-HK"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365","name":"tracylamv2","image":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","caption":"tracylamv2"},"url":"https:\/\/version-2.com\/zh\/author\/tracylamv2\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-ikW","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/70490","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/users\/149011790"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/comments?post=70490"}],"version-history":[{"count":4,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/70490\/revisions"}],"predecessor-version":[{"id":70494,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/70490\/revisions\/70494"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/media?parent=70490"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/categories?post=70490"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/tags?post=70490"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}