Russian Cyber Spies Launch Massive Phishing Campaign: River of Phish Exposed

Russia’s Federal Security Service (FSB) and a new cyber crew, COLDWASTREL, have been conducting a massive phishing espionage campaign dubbed River of Phish. Targeting US and European entities, this operation aims to steal credentials and 2FA tokens, potentially leading to serious consequences for the victims,…

Hot Take:

Looks like Russia’s Federal Security Service is fishing for more than just compliments. With a new partner in crime, they’re casting their phishing lines wide and deep, hoping to reel in some big catches from the US and Europe. Someone call the Cyber Coast Guard!

Key Points:

  • Citizen Lab identifies two Russian cyber-espionage groups, COLDRIVER and COLDWASTREL, behind a large-scale phishing campaign.
  • The campaign, dubbed “River of Phish,” began in 2022 targeting political exiles, NGOs, media, think tanks, and former government officials.
  • COLDRIVER has shifted focus to breaking into defense and energy sectors.
  • No malware found on victim devices, but account access remains the primary goal.
  • Phishing emails often pretend to be from colleagues or US government employees, with deceptive tactics to increase credibility.
