About past, present and future of Ukraine

Search mobile

Main War Russian hackers attacked the armed forces of several Eastern European countries and the NATO Center of Excellence

War

Russian hackers attacked the armed forces of several Eastern European countries and the NATO Center of Excellence

381
Russian hackers attacked the armed forces of several Eastern European countries and the NATO Center of Excellence

Share this article


The Russian hacker group COLDRIVER, also known as Calisto, attacked the armed forces of several Eastern European countries and one of NATO's centers of excellence. Reported by Google.


During the attacks, the hackers used newly created Gmail accounts.

They sent phishing emails to non-Google emails, so the success rate of these attacks is unknown, the report says. The group also launched phishing attacks targeting several U.S.-based non-governmental organizations and think tanks, the military of a Balkan country, and a Ukrainian-based defense contractor.

"Curious Gorge, a group TAG attributes to China's PLA SSF, has conducted campaigns against government and military organizations in Ukraine, Russia, Kazakhstan, and Mongolia. While this activity largely does not impact Google products, we remain engaged and are providing notifications to victim organizations.

COLDRIVER, a Russian-based threat actor sometimes referred to as Calisto, has launched credential phishing campaigns, targeting several US based NGOs and think tanks, the military of a Balkans country, and a Ukraine based defense contractor. However, for the first time, TAG has observed COLDRIVER campaigns targeting the military of multiple Eastern European countries, as well as a NATO Centre of Excellence. These campaigns were sent using newly created Gmail accounts to non-Google accounts, so the success rate of these campaigns is unknown. We have not observed any Gmail accounts successfully compromised during these campaigns.

Ghostwriter, a Belarusian threat actor, recently introduced a new capability into their credential phishing campaigns. In mid-March, a security researcher released a blog post detailing a 'Browser in the Browser' phishing technique. While TAG has previously observed this technique being used by multiple government-backed actors, the media picked up on this blog post, publishing several stories highlighting this phishing capability."


The Odessa Journal
more articles

Top article

The Ministry of Defense has signed a contract for the construction of a service center for repairing drones in Ukraine
War

The Ministry of Defense has signed a contract ...

Dmytro Kuleba: Ukraine and Croatia have agreed to use Croatian ports for exporting Ukrainian grain
Business

Dmytro Kuleba: Ukraine and Croatia have agree ...

New sanctions: Defence industry, political parties and individuals linked to oligarchs
Business

New sanctions: Defence industry, political pa ...

Volodymyr Zelensky: We are preparing for the next Ramstein meeting, we expect solidly grounded decisions to meet the prospects on the battlefield
War

Volodymyr Zelensky: We are preparing for the ...