0 out of 25,000

Quality journalism takes work — and a community that cares.
Help us reach 25,000 members by the end of 2025.

KI logo
Wednesday, November 19, 2025
News Feed

Russian phishing campaign targets Kremlin's enemies at home and abroad

2 min read
Avatar
by Abbey Fenbert
Russian phishing campaign targets Kremlin's enemies at home and abroad
Illustrative image of a fishing rod harvesting user data in cyberspace. (Sarayut Thaneerat/Getty Images)

A sophisticated Russian spear phishing campaign has been targeting the Kremlin's critics in Russia and the West, according to a report from digital rights groups Citizen Labs and Access Now published Aug. 14.

Phishing is a type of social engineering in which attackers seek access to victims' online accounts by leveraging  personalized deceptive tactics.

The hacker group Coldriver, which has ties to Russia's Federal Security Service (FSB), is responsible for the phishing scheme, according to the report. The campaign targeted Russian opposition figures, NGOs, and Western diplomats, including former U.S. Ambassador to Ukraine, Steven Pifer.

Hackers typically initiated email exchanges with targets by impersonating someone they already knew, such as a colleage, funder, or government employee, researchers said. Messages contained work-related requests, such as viewing a proposal or article.

Targets would then click on the attached PDF, which contained a phishing link that would transmit data from the victim's system to the attacker's server when clicked.

Researchers described the email ruse as credible and effective, with many targets believing they were exchanging messages with a real person. In the case of Pifer, the phishing email impersonated another former U.S. ambassador.

The campaign also targeted Polina Machold, publisher of the Russian independent investigative outlet Proekt Media, and multiple officials and academics at U.S. think tanks.

"Importantly, we suspect that the total pool of targets is likely much larger than the civil society groups whose cases we have analyzed," researchers wrote.

"We have observed U.S. government personnel impersonated as part of this campaign, and ... we expect the U.S. government remains a target."

Russian hacker groups have engaged in various forms of cyber warfare throughout the full-scale war, including cyberattacks against Ukraine, hacks of civilian infrastructure in Europe, and interference in foreign elections.  

The Invisible War: Inside the electronic warfare arms race that could shape course of war in Ukraine
Article imageThe Kyiv IndependentOleksandr Tartachnyi
Hacker attackCyberattackCybersecurityUnited States
Avatar
Abbey Fenbert

Senior News Editor

Abbey Fenbert is a senior news editor at the Kyiv Independent. She is a freelance writer, editor, and playwright with an MFA from Boston University. Abbey served as a Peace Corps Volunteer in Ukraine from 2008-2011.

Read more

Most Popular

News Feed
Wednesday, November 19
Video
Ukraine’s biggest wartime corruption scandal, explained.

The Kyiv Independent’s Oleksiy Sorokin sits down with Daria Kaleniuk, executive director of Ukraine’s Anti-Corruption Action Center, to discuss Ukraine’s biggest wartime corruption scandal, which involves people from President Volodymyr Zelensky's circle and several government officials.

Tuesday, November 18
Show More

Editors' Picks