
Google says Russian espionage crew behind new malware campaign


Security experts at Google's Threat Analysis Group (TAG) have announced cyberattacks that they believe are linked to the Cold River hacker group, which they claim has ties to Russian intelligence services. The attacks are carried out using phishing techniques on targets in NATO countries, including the US and the UK. The group uses the SPICA backdoor to gain access to victims' computers and steal documents and cookies.

The hackers send victims a PDF document that they claim contains an encrypted article, and offer a decryption utility that is actually a backdoor. Google detected the active campaign and added Cold River-related domains and files to its Safe Browsing service database to protect users.

