A Russian hacker ring is targeting human rights groups around the globe with sophisticated spear phishing campaigns.Two campaigns, highlighted in a new report from digital rights group Access Now and the University of Toronto’s Citizen Lab, appear to be the work of the Russian government or those closely aligned with its interests. The first, known as ColdRiver, targeted people between April and June 2024 and “is attributed to the Russian Federal Security Service (FSB),” Citizen Lab says. The second, ColdWastrel, operated between October 2022 and August 2024 and is “distinct from ColdRiver, [with] targeting that we have observed aligns with the interests of the Russian government.””We judge that these targets may have been selected for their extensive networks among sensitive communities, such as high-risk individuals within Russia,” Citizen Lab says. “For some, successful compromise could result in extremely serious consequences, such as imprisonment or physical harm to themselves or their contacts.”
(Credit: Citizen Lab)
Hackers are targeting prominent figures who oppose Russia via convincing emails that appear to be from someone they know. For example, the US ambassador to Ukraine, Steven Pifer, received an email from someone pretending to be a former US ambassador.
Recommended by Our Editors
These emails often include a PDF attachment, with the sender asking the recipient to review the file. Those PDFs claim to be encrypted and come with a link to decrypt or access the file. That sends people to a sign-in page where credentials are scraped.Targets include Russian human rights organization First Department and Proekt Media, a publisher that conducts high-profile investigations into corruption in the upper levels of the Russian government. Former US officials and academics were also hit.
Like What You’re Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.
About Joe Hindy
Contributor
Hello, my name is Joe and I am a tech blogger. My first real experience with tech came at the tender age of 6 when I started playing Final Fantasy IV (II on the SNES) on the family’s living room console. As a teenager, I cobbled together my first PC build using old parts from several ancient PCs, and really started getting into things in my 20s. I served in the US Army as a broadcast journalist. Afterward, I served as a news writer for XDA-Developers before I spent 11 years as an Editor, and eventually Senior Editor, of Android Authority. I specialize in gaming, mobile tech, and PC hardware, but I enjoy pretty much anything that has electricity running through it.
Read Joe’s full bio
Read the latest from Joe Hindy
