APT29 Uses WINELOADER to Target German Political Parties

In late February APT29 used a new backdoor variant publicly tracked as WINELOADER to target German political parties with a CDU-themed lure. This is the first time the APT29 cluster has been observed targeting political parties indicating a possible area of emerging operational focus beyond the typical  targeting of diplomatic missions. This activity presents a broad threat to European and other Western political parties from across the political spectrum.