pwshub.com

Russian state-sponsored phishing campaign targets Western NGOs and diplomats

A Russian state-sponsored spear phishing campaign has been found targeting Western and Russian civil society, including nongovernmental organizations, independent media and at least one former U.S. ambassador.

The campaign, detailed Wednesday by Citizen Lab and dubbed “River of Phish,” engaged targets with personalized and highly plausible social engineering in an attempt to gain access to their online accounts. The campaign is believed to be run by the Coldriver group, which Western governments believe is linked to the Russian Federal Security Service.

The targets have ranged from Russian opposition figures in exile to staff at nongovernmental organizations in the U.S. and Europe, funders and media organizations. Among the targets was Polina Machold, the publisher of a media outlet that conducts high-profile investigative reporting into official corruption and abuses of power in Russia.

Citizen Lab also observed the group targeting former officials and academics in U.S. think tanks and policy organizations. Among them was former U.S. Ambassador to Ukraine Steven Pifer, who was targeted with a highly credible approach impersonating someone known to him — a fellow former U.S. ambassador.

Though certain targeted groups and individuals have been identified, Citizen Lab notes that it suspects the total pool of targets is likely much larger than the civil society groups it has analyzed. Notably, the Russian group was also found to be impersonating U.S. government personnel as part of its campaign, meaning that there could be further compromises within the U.S. government.

“Cybercriminals target anyone with an email address, but targeting high-profile people in government is a win for them,” James McQuiggan, security awareness advocate at KnowBe4 Inc., told SiliconANGLE. “Gaining access to a system that is within the government can be the stepping stone to a much larger payoff” as the attackers “can leverage the victim’s system to access other systems with the government infrastructure to then be able to collect data or maintain persistence for future access, which could lead to an attack or possible ransomware outcome.”

“Email should be treated with skepticism,” McQuiggan added. “If it’s not expected or the sender is unknown, like answering the front door of your home and seeing a package that wasn’t ordered, it should be met with skepticism and verify the sender or the contents of the email.”

Source: siliconangle.com
