The United States has blocked more than 100 domains associated with the ColdRiver hacking group, which is claimed to have connections to the Federal Security Service (FSB) of Russia.
This information comes from the U.S. Department of Justice.
The Justice Department reported that these domains were used for phishing attacks aimed at gaining access to confidential information, including data on former and current intelligence officials, members of the Department of Defense, the State Department, and other U.S. government agencies.
ColdRiver, also known as the Callisto Group, employed fake emails and websites to gather information by masquerading as legitimate resources. According to the Justice Department, the hackers are believed to collaborate with Center-18, a unit of the FSB specializing in cyberattacks against American government institutions.
In September, it was also revealed that a phishing attack targeted the Free Russia fund, which opposes Kremlin policies. Hackers allegedly linked to ColdRiver attempted to undermine the fund's operations and are believed to have sought to create a pretext for repression against pro-democracy activists criticizing Russia's actions in Ukraine.
