Russian COLDRIVER Hackers Expand Beyond Phishing with Custom Malware

The Russia-linked threat actor COLDRIVER has been observed evolving its tradecraft beyond credential harvesting to deliver its first-ever custom malware, written in the Rust programming language.

According to Google's Threat Analysis Group (TAG), which released information about the most recent activity, the attack chains use PDFs as decoy documents to start the infection sequence. The lures are sent from fake accounts.

COLDRIVER is also tracked under the names Calisto (also written Callisto), Dancing Salome, Gossamer Bear, Star Blizzard (previously SEABORGIUM), TA446, UNC4057, Blue Callisto, BlueCharlie (or TAG-53), and others. COLDRIVER has been reported to be active since 2019 and is known to target a variety of sectors.
