Security News > 2024 > January > Russian COLDRIVER Hackers Expand Beyond Phishing with Custom Malware
2024-01-18 14:49
The Russia-linked threat actor known as COLDRIVER has been observed evolving its tradecraft to go beyond credential harvesting to deliver its first-ever custom malware written in the Rust programming language. Google's Threat Analysis Group (TAG), which shared details of the latest activity, said the attack chains leverage PDFs as decoy documents to trigger the infection sequence. The lures are
News URL
https://thehackernews.com/2024/01/russian-coldriver-hackers-expand-beyond.html
Related news
- Chinese hackers target Russian govt with upgraded RAT malware (source)
- Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery (source)
- Russian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS Malware (source)
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)
- Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp (source)
- North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages (source)
- CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks (source)
- Russian hackers attack Western military mission using malicious drive (source)
- Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool (source)
- Midnight Blizzard deploys new GrapeLoader malware in embassy phishing (source)