Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Russian Hackers Target Eastern Europe NGOs

August 16, 2024
Reading Time: 2 mins read
in Alerts
Russian Hackers Target Eastern Europe NGOs

Russian and Belarusian non-profit organizations, as well as independent media outlets in Russia and international NGOs operating in Eastern Europe, have recently become targets of sophisticated spear-phishing campaigns. These attacks are linked to threat actors with connections to the Russian government, specifically two groups identified as COLDRIVER and COLDWASTREL. The cyber espionage activities are aimed at gathering sensitive information from these organizations and individuals.

The first campaign, dubbed “River of Phish,” is attributed to COLDRIVER, a collective with ties to Russia’s Federal Security Service (FSB). This operation employs highly personalized social engineering tactics. Victims receive emails from compromised or spoofed accounts, often appearing to be from known contacts or organizations. The emails contain deceptive PDF attachments that redirect recipients to credential-harvesting pages, carefully designed to avoid detection by automated security tools. This method also includes fingerprinting infected hosts to protect the attack’s infrastructure.

The second set of attacks involves COLDWASTREL, a previously undocumented threat group. While sharing some similarities with COLDRIVER’s tactics, COLDWASTREL distinguishes itself by using lookalike domains and variations in PDF content for credential harvesting. The group employs similar social engineering techniques, utilizing Proton Mail and Proton Drive to enhance the credibility of their phishing attempts. This group first appeared in March 2023 and has since adapted its methods to evade detection.

Both campaigns highlight the persistent and evolving nature of phishing attacks, particularly when targeting high-profile individuals and sensitive organizations. As phishing remains a cost-effective technique for cyber espionage, the Citizen Lab’s report underscores the need for heightened vigilance and robust security measures to counter these sophisticated threats and protect sensitive information from being compromised.

Reference:

  • Russian Hackers Target Eastern Europe NGOs and Media in New Phishing Campaign
Tags: August 2024BelarusCOLDRIVERCOLDWASTRELCyber AlertsCyber Alerts 2024Cyber threatsEuropeNGORussia
ADVERTISEMENT

Related Posts

FBI Issues Warning on Spoofed IC3 Website

FBI Issues Warning on Spoofed IC3 Website

September 22, 2025
FBI Issues Warning on Spoofed IC3 Website

Infostealer Hits macOS Users Widely

September 22, 2025
FBI Issues Warning on Spoofed IC3 Website

SonicWall Warns Reset After Exposure

September 22, 2025
Steganography Cloud C2 In Modular Chain

Steganography Cloud C2 In Modular Chain

September 19, 2025
Steganography Cloud C2 In Modular Chain

Fake Empire Targets Crypto With AMOS

September 19, 2025
Steganography Cloud C2 In Modular Chain

SEO Poisoning Hits Chinese Users

September 19, 2025

Latest Alerts

SonicWall Warns Reset After Exposure

Infostealer Hits macOS Users Widely

FBI Issues Warning on Spoofed IC3 Website

Steganography Cloud C2 In Modular Chain

Fake Empire Targets Crypto With AMOS

SEO Poisoning Hits Chinese Users

Subscribe to our newsletter

    Latest Incidents

    Steam Game Steals Streamer Donations

    Ransomware Gang Hacks Spartanburg County

    Cyberattack Hits Europe Airport Systems

    Russian Hackers Hit Polish Hospitals

    New York Blood Center Data Breach

    Tiffany Data Breach Hits Thousands

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial