Russian state-sponsored actors have staged NT LAN Manager (NTLM) v2 hash relay attacks through various methods from April 2022 to November 2023, targeting high-value targets worldwide. The attacks, attributed to an “aggressive” hacking crew calledĀ APT28, have set their eyes on organizations dealing with foreign affairs, energy, defense, and transportation, as well as those involved with