Research from Citizen Lab indicates that the FSB-backed hacking groups COLDRIVER and COLDWASTREL have been conducting extensive phishing operations against US and European targets since 2022, aiming to steal credentials and inflict harm.
The two-year-long campaign named River of Phish has focused on high-risk individuals, including members of the Russian opposition and staff from various NGOs and media outlets across the US and Europe.
Citizen Lab's investigation shows that since 2022, COLDRIVER also expanded its efforts to infiltrate defense and energy sector email accounts, indicating a strategic targeting of critical infrastructure.
The potential consequences of compromised individuals are severe, ranging from imprisonment to physical harm, highlighting the dangerous nature of these cyber attacks on sensitive communities.
[
Collection
]
[
|
...
]