RiskIQ said in a report that it uncovered active hacking infrastructure that Western governments attributed last summer to the Russian SVR intelligence agency-linked APT29 or Cozy Bear, which it used at the time to try to steal Covid-19 research.