Star Blizzard's targets are most commonly related to government or diplomacy (both incumbent and former position holders), defense policy or international relations researchers whose work touches on Russia, and sources of assistance to Ukraine related to the war with Russia.
Previously observed attack chains have involved sending spear-phishing emails to targets of interest... attaching documents embedding malicious links that redirect to an Evilginx-powered page that's capable of harvesting credentials and two-factor authentication (2FA) codes.
Collection
[
|
...
]