Russian hackers attacked NATO and several armies in Eastern Europe, according to a Google report

Russian hackers have recently tried to penetrate the organization's networks and the armed forces of some countries, said the Google Threat Analysis Group

A person uses a laptop, in a file photograph. EFE/Sascha Steinbach

Russian hackers have recently attempted to penetrate NATO networks and the armed forces of some Eastern European countries, the Google Threat Analysis Group (TAG) said in a report released Wednesday.

The report did not say which armies had been targeted in what Google described as “credential phishing campaigns” launched by a Russian-based group called Coldriver or Callisto.

“These campaigns were sent using newly created Gmail accounts to non-Google accounts, so the success rate of these campaigns is unknown,” the report says. It clarifies: “We haven't seen any successfully compromised Gmail accounts during these campaigns.”

“Coldriver, a Russian-based threat actor sometimes called Callisto, has launched credential phishing campaigns, targeting various US-based NGOs and think tanks, the army of a Balkan country and a Ukraine-based defense contractor. However, for the first time, TAG has observed campaigns aimed at the army of several Eastern European countries, as well as a NATO Center of Excellence,” the report details.

“These campaigns were sent using newly created Gmail accounts to non-Google accounts” (Getty Images)

Russia, which is now under heavy Western economic sanctions following its decision to invade Ukraine on February 24, regularly denies allegations of cyber attacks against Western targets.

In 2019, Finnish cybersecurity firm F-Secure Labs described Callisto as an unidentified advanced threat actor “interested in collecting intelligence related to foreign and security policy” in Europe.

The group also targeted a NATO Center of Excellence, said Wednesday's Google report, without giving any further details.

In a statement, the center did not directly address Google's report, but said, “We see malicious cyber activity on a daily basis.”

The same Google report also warns that Curious Gorge, a group that the report attributes to China's PLA SSF, has conducted campaigns against government and military organizations in Ukraine, Russia, Kazakhstan and Mongolia. “While this activity does not greatly affect Google products, we remain engaged and provide notifications to victim organizations,” it says.

On the other hand, Ghostwriter, a Belarusian threat actor, recently introduced a new capability in its credential phishing campaigns. In mid-March, a security researcher published a blog post detailing a 'browser-in-browser' phishing technique. “While TAG has previously noted that this technique is used by multiple government-backed actors, the media is revisiting this blog post and publishing several stories highlighting this phishing capability.”

(With information from REUTERS)
