A sophisticated spear phishing campaign has been targeting Western and Russian civil society. In collaboration with Access Now, and with the participation of numerous civil society organizations, we uncover this operation and link it to COLDRIVER, a group attributed by multiple governments to the Russian Federal Security Service (FSB).
This campaign, which Canada’s Citizen Lab has investigated in collaboration with Access Now and with the participation of numerous civil society organizations including First Department, Arjuna Team, and RESIDENT.ngo, engages targets with personalized and highly-plausible social engineering in an attempt to gain access to their online accounts.
The researchers attribute this campaign to COLDRIVER (also known as Star Blizzard, Callisto and other designations). This threat actor is attributed to the Russian Federal Security Service (FSB) by multiple governments.
They identified a second threat actor targeting similar communities, whom we name COLDWASTREL. We assess that this actor is distinct from COLDRIVER, and that the targeting that we have observed aligns with the interests of the Russian government.
The URL to which the target is redirected is typically a webpage crafted by the attacker to look like a genuine login page for the target’s email service
DO NOT enter your password after clicking on a link you got in an email, or an emailed pdf, or an emailed word document, or a link you got in telegram, or a strange url that came to you in a dream, or anything else like that. Why is it so difficult to get people to remember this?
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !technology@beehaw.org
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
DO NOT enter your password after clicking on a link you got in an email, or an emailed pdf, or an emailed word document, or a link you got in telegram, or a strange url that came to you in a dream, or anything else like that. Why is it so difficult to get people to remember this?