Malware, Threat Management

Google: Ukraine war-related lures increasingly leveraged in attacks

Numerous Ukraine war-related lures are being leveraged by Russian, Chinese, Iranian, and North Korean state-sponsored threat actors in malware and phishing campaigns, reports CyberScoop. Russia-based threat group Cold River, also known as "Calisto," has used such lures not only to attack nongovernmental organizations and think tanks in the U.S., but also to target a Balkans country's military, a Ukrainian defense contractor, and various Eastern European countries, including a NATO Centre of Excellence, a Google Threat Analysis Group report revealed. The attacks by Cold River come amid the deluge of cyberattacks stemming from Russia's invasion of Ukraine, including intrusions against the modems of U.S.-based telecommunications company Viasat that sought to disrupt communication networks in Ukraine. Google researchers have also identified attacks by the Chinese state-backed group dubbed "Curious Gorge," which has already hit Ukrainian, Russian, Kazakh, and Mongolian government and military entities. Belarusian state-backed hacking group Ghostwriter has also leveraged a browser-in-browser approach in its credential-stealing attacks, according to the report.
