British cybersecurity authorities this Thursday pointed the finger at a group of Russian hackers, warning that the group was carrying out a campaign to collect information and personal data that attacked individuals with links to the government, the politics, the academy, the defense of the country, the media and civic activism.
🚨 Today, the UK has issued an advisory highlighting the continued threat from spear-phishing campaigns carried out by Russia-based group SEABORGIUM and Iran-based group TA453.https://t.co/9q0E87x5OK
- NCSC UK (@NCSC) January 26, 2023
In a recommendation, quoted by Reuters, the National Cybersecurity Center (NCSC) warns that the group, called Cold River, has attacked individuals with credentials of some importance, pretending to be other people using email addresses. fake email or social media profiles.
"There is often some correspondence between attacker and target, sometimes over an extended period as the attacker builds up a rapport.“, explains the British organization.
BUT: Google Chrome flaw put sensitive data at risk
After collecting all possible data, Cold River pirates then encourage their targets to click on links, in which they are tricked into entering their access credentials to a certain platform.
Reuters adds that the group, which is also known by the names 'Callisto' and 'Seaborgium', attacked nuclear research laboratories in the United States in the summer and a British spy in May.
The NCSC did not link the group of pirates to the Kremlin, and the Russian embassy also declined to comment on the recommendation. In June, after the computer attack on US laboratories, the Russian Ministry of Foreign Affairs criticized the case as anti-Russian propaganda.
Russian hacking activity has been increasing throughout the Ukraine invasion, especially targeting Western institutions and government entities, despite the Kremlin denying any links to these groups. Reuters also explains that the Cold River group is intensifying its attacks against Kyiv and against Ukraine's allies.
