Aug 15, 2024
Ravie Lakshmanan
Cyber Attack / Social Engineering
Russian and Belarusian non-profit organizations, Russian independent media, and international non-governmental organizations active in Eastern Europe have become the target of two separate spear-phishing campaigns orchestrated by threat actors aligned with the Russian government.
One campaign, known as River of Phish, has been attributed to COLDRIVER, a collective with ties to Russia’s Federal Security Service (FSB), while the second set of attacks is believed to be the work of a threat cluster called COLDWASTREL.
The targets of these campaigns include various individuals and organizations, with attacks designed to deceive efficiently through tailored emails sent from compromised or impersonated accounts.
Specific tactics such as sending emails without attachments and using fake Proton Mail accounts are utilized to trick victims into clicking on malicious links.
The sophistication of these phishing attacks highlights the ongoing threat posed by cybercriminals who use social engineering tactics to manipulate and deceive their targets.
The use of lookalike domains and fake login pages shows a level of sophistication in these attacks, underscoring the need for continued vigilance and awareness among internet users and organizations.
As cybersecurity threats evolve, it is essential to stay informed and adopt best practices to protect against malicious activities in the digital realm.