A Russia-nexus adversary has been linked to 94 new domains beginning in March 2023, indicating that the group is actively changing its infrastructure in response to public disclosures about its operations.
The cybersecurity company Recorded Future linked the updated infrastructure to a threat actor it tracks as BlueCharlie, a hacker group also known as Blue Callisto, Callisto (or Calisto), COLDRIVER, Star Blizzard (previously SEABORGIUM), and TA446. Threat Activity Group 53 (TAG-53) was BlueCharlie’s prior working name.
“These shifts demonstrate that these threat actors are aware of industry reporting and show a certain level of sophistication in their efforts to obfuscate or modify their activity, aiming to stymie security researchers,” the business claimed in a technical paper provided