Skip to content
Edit post

Russian phishing campaign targets Kremlin's enemies at home and abroad

by Abbey Fenbert August 15, 2024 5:17 AM 2 min read
Illustrative image of a fishing rod harvesting user data in cyberspace. (Sarayut Thaneerat/Getty Images)
This audio is created with AI assistance

A sophisticated Russian spear phishing campaign has been targeting the Kremlin's critics in Russia and the West, according to a report from digital rights groups Citizen Labs and Access Now published Aug. 14.

Phishing is a type of social engineering in which attackers seek access to victims' online accounts by leveraging  personalized deceptive tactics.

The hacker group Coldriver, which has ties to Russia's Federal Security Service (FSB), is responsible for the phishing scheme, according to the report. The campaign targeted Russian opposition figures, NGOs, and Western diplomats, including former U.S. Ambassador to Ukraine, Steven Pifer.

Hackers typically initiated email exchanges with targets by impersonating someone they already knew, such as a colleage, funder, or government employee, researchers said. Messages contained work-related requests, such as viewing a proposal or article.

Targets would then click on the attached PDF, which contained a phishing link that would transmit data from the victim's system to the attacker's server when clicked.

Researchers described the email ruse as credible and effective, with many targets believing they were exchanging messages with a real person. In the case of Pifer, the phishing email impersonated another former U.S. ambassador.

The campaign also targeted Polina Machold, publisher of the Russian independent investigative outlet Proekt Media, and multiple officials and academics at U.S. think tanks.

"Importantly, we suspect that the total pool of targets is likely much larger than the civil society groups whose cases we have analyzed," researchers wrote.

"We have observed U.S. government personnel impersonated as part of this campaign, and ... we expect the U.S. government remains a target."

Russian hacker groups have engaged in various forms of cyber warfare throughout the full-scale war, including cyberattacks against Ukraine, hacks of civilian infrastructure in Europe, and interference in foreign elections.  

The Invisible War: Inside the electronic warfare arms race that could shape course of war in Ukraine
When Ukraine received Excalibur artillery shells in March 2022 from the U.S. shortly after the start of Russia’s full-scale invasion, it was immediately the military’s weapon of choice. Thanks to their GPS navigation system, these expensive munitions had a high-precision flight trajectory and could…

News Feed

12:43 PM

Ukraine receives $1.1 billion from IMF.

The funds come as already the sixth tranche disbursed to Ukraine under the IMF's Extended Fund Facility (EFF) program, raising the amount provided so far to $9.8 billion.
MORE NEWS

Editors' Picks

Enter your email to subscribe
Please, enter correct email address
Subscribe
* indicates required
* indicates required
Subscribe
* indicates required
* indicates required
Subscribe
* indicates required
Subscribe
* indicates required
Subscribe
* indicates required

Subscribe

* indicates required
Subscribe
* indicates required
Subscribe
* indicates required
Explaining Ukraine with Kate Tsurkan
* indicates required
Successfuly subscribed
Thank you for signing up for this newsletter. We’ve sent you a confirmation email.