Google has issued a warning that ColdRiver, a Russian threat group well-known for its phishing attacks, has also been creating original malware.
To assist defenders in identifying and assessing the threat, the internet behemoth has made indicators of compromise (IoCs) and YARA rules available. TA446; Dancing Salome; Star Blizzard; Callisto Group; BlueCharlie; and other companies track ColdRiver. The group is well-known for carrying out influence campaigns and cyberespionage operations, and it has been connected to a branch of Russia’s FSB security service.
Typically, the hackers target US, UK, and other NATO countries’ academic, defense, government, non-governmental, and think tank sectors.
Read More: Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.
