cold

Russian Cyber Spy Group Linked to Latest Malware Attack According to Google

Cybersecurity Padlocks Getty
Google researchers say they have evidence that a notorious Russian-linked hacking group — tracked as “Cold River” — is evolving its tactics beyond phishing to target victims with data-stealing malware. Cold River, also known as “Callisto Group” and “Star Blizzard,” is known for conducting long-running espionage campaigns against NATO countries, particularly the United States and the United Kingdom. Researchers believe the group’s activities, which typically target high-profile individuals and organizations involved in international affairs and defense, suggest close ties to the Russian state. Google says that on discovery of the Cold River malware campaign, the technology giant added all of the identified websites, domains, and files to its Safe Browsing service to block the campaign from further targeting Google users. Google researchers previously linked the Cold River group to a hack-and-leak operation that saw a trove of emails and documents stolen and leaked from high-level Brexit proponents, including Sir Richard Dearlove, the former head of the U.K. foreign intelligence service MI6.