Rivers of Phish: Sophisticated Phishing Targets Russia's Perceived Enemies Around the Globe
Aug. 14, 2024, 3:45 p.m.
Description
An extensive investigation uncovered an elaborate phishing campaign conducted by a Russia-based threat actor known as COLDRIVER, attributed to Russia's Federal Security Service. The campaign employed personalized social engineering tactics to target civil society groups, NGOs, journalists, and government entities perceived as adversaries. A separate threat actor called COLDWASTREL, potentially aligned with Russian interests, was also identified employing similar techniques. The report details the intricate methods used, including impersonating known individuals, crafting credible lures, and harvesting credentials for account takeovers, underscoring the persistent threats facing civil society from state-backed cyber operations.
Date
Published: Aug. 14, 2024, 3:04 p.m.
Created: Aug. 14, 2024, 3:04 p.m.
Modified: Aug. 14, 2024, 3:45 p.m.
Indicators
Attack Patterns
COLDWASTREL
T1194
T1600
T1589
T1586
T1557
T1497
T1598
T1595
T1499
T1204
T1566
T1078
Additional Information
Media
Education
NGO
Government