Russian threat group COLDRIVER expands its targeting of Western officials to include the use of malware [Thursday, January 18, 2024]

COLDRIVER’s targeting of high profile individuals in NGOs, former intelligence and military officials and NATO governments is moving beyond credent...
Russian threat group COLDRIVER expands its targeting of Western officials to include the use of malware [Thursday, January 18, 2024]
Russian threat group COLDRIVER expands its targeting of Western officials to include the use of malware
Report

Russian threat group COLDRIVER expands its targeting of Western officials to include the use of malware

Description :
COLDRIVER’s targeting of high profile individuals in NGOs, former intelligence and military officials and NATO governments is moving beyond credential phishing activities.

Published Created Modified
2024-01-18 19:02:25 2024-01-18 19:02:25 2024-01-18 19:28:13

Tags

Indicators

IPv4s :
  • 45.133.216.15
Malwares :
  • SPICA
Hashes :
  • c97acea1a6ef59d58a498f1e1f0e0648d6979c4325de3ee726038df1fc2e831d
  • a949ec428116489f5e77cefc67fea475017e0f50d2289e17c3eb053072adcf24
  • 37c52481711631a5c73a6341bd8bea302ad57f02199db7624b580058547fb5a9
  • 0f6b9d2ada67cebc8c0f03786c442c61c05cef5b92641ec4c1bdd8f5baeb2ee1
  • 84523ddad722e205e2d52eedfb682026928b63f919a7bf1ce6f1ad4180d0f507
  • ac270310b5410e7430fe7e36a079525cd8724b002b38e13a6ee6e09b326f4847
Intrusion set :
  • COLDRIVER
Location :
  • Germany
  • United States of America
  • Ukraine
MITRE ATT&CK Techniques : Other observables :
  • Education

External References

You can download the txt file containing the indicators by clicking on the button below:

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.