Identity, Threat Intelligence

Account takeover attacks spoofing US State Department impact Russia researcher


Threat actors masquerading as the U.S. State Department have launched email account takeover intrusions against Keir Giles, a widely known UK researcher on Russia who was previously targeted by Russian state-backed hackers, according to The Record, a news site by cybersecurity firm Recorded Future.

The hacking operation Star Blizzard, also known as Coldriver, Iron Frontier, or Calisto, is suspected to be behind the attack campaign, according to Secureworks and Mandiant, which independently analyzed the emails and infrastructure involved in the incident. Star Blizzard has been associated with the Russian Federal Security Service's Center 18, a pair of whose members were indicted by the U.S. Justice Department almost two years ago over their involvement in the group's spear-phishing attacks since 2016. Those charges came alongside the UK's summoning of the Russian ambassador over Center 18's attacks, which were noted to have targeted the Institute for Statecraft and former Secret Intelligence Service leader Sir Richard Dearlove.
