Russian COLDRIVER Hackers Expand Beyond Phishing with Custom Malware

2024-01-18 14:49
The Russia-linked threat actor known as COLDRIVER has been observed evolving its tradecraft to go beyond credential harvesting to deliver its first-ever custom malware written in the Rust programming language. Google's Threat Analysis Group (TAG), which shared details of the latest activity, said the attack chains leverage PDFs as decoy documents to trigger the infection sequence. The lures are
News URL
https://thehackernews.com/2024/01/russian-coldriver-hackers-expand-beyond.html
Related news
- Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts
- Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware
- Russian military hackers deploy malicious Windows activators in Ukraine
- North Korean hackers spotted using ClickFix tactic to deliver malware
- Microsoft: Hackers steal emails in device code phishing attacks
- Russian phishing campaigns exploit Signal's device-linking feature
- North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware
- Chinese hackers use custom malware to spy on US telecom networks
- New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems
- Space Pirates Targets Russian IT Firms With New LuckyStrike Agent Malware