Security News > 2024 > January > Russian COLDRIVER Hackers Expand Beyond Phishing with Custom Malware
2024-01-18 14:49
The Russia-linked threat actor known as COLDRIVER has been observed evolving its tradecraft to go beyond credential harvesting to deliver its first-ever custom malware written in the Rust programming language. Google's Threat Analysis Group (TAG), which shared details of the latest activity, said the attack chains leverage PDFs as decoy documents to trigger the infection sequence. The lures are
News URL
https://thehackernews.com/2024/01/russian-coldriver-hackers-expand-beyond.html
Related news
- Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts (source)
- Russian ISP confirms Ukrainian hackers "destroyed" its network (source)
- Russia-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware (source)
- Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer (source)
- Russian Star Blizzard Targets WhatsApp Accounts in New Spear-Phishing Campaign (source)
- How Russian hackers went after NGOs’ WhatsApp accounts (source)
- Hacker infects 18,000 "script kiddies" with fake malware builder (source)
- EU sanctions Russian GRU hackers for cyberattacks against Estonia (source)
- North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS (source)
- Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware (source)