Russia’s critics targeted with global hacking campaign, rights group says

2024.08.14 08:34

By Zeba Siddiqui

(Reuters) – Hackers linked to Russian intelligence are targeting the Kremlin’s critics around the globe with phishing emails, according to new research published on Wednesday by digital rights groups Citizen Lab and Access Now.

The phishing campaign is part of a sweeping internet espionage operation, the researchers say, and comes as U.S. officials are closely monitoring computer networks to thwart any cyberattacks against the 2024 presidential election.

The email hacks began around 2022 and have targeted prominent Russian opposition figures-in-exile, former U.S. think tank and policy officials and academics, U.S. and EU nonprofit staff, as well as media organizations, the report said.

Some of those targeted were still in Russia, “placing them at considerable risk”, the researchers said, adding that the victims may have been selected to try to gain access to their extensive networks of contacts.

While phishing is a common hacking technique, a hallmark of this operation was that the malicious emails often impersonated people known to the victims, making them seem more authentic.

Citizen Lab attributed the hacking to two groups: the prominent Russian hacking outfit Cold River, which Western intelligence and security officials have linked to Russia’s Federal Security Service (FSB), and a new group dubbed Coldwastrel, which appeared to support Russian intelligence.

The Russian embassy in Washington did not respond to a request for comment. Russia has consistently denied allegations of hacking during past incidents linked to Cold River.

One of the victims of the hacking operation was a former U.S. ambassador to Ukraine, who was targeted with a “credible effort” impersonating a fellow former ambassador known to him, according to the report, which didn’t name the person.

The booby-trap emails usually had an attached PDF that solicited a click to decrypt. That click took the target to a website resembling the Gmail or ProtonMail login pages, where if they entered their credentials, the hackers would be able to access their accounts and mailing lists.

Some of those targeted by the campaign fell for it, said Dmitry Zair-Bek, who heads the Russian rights group First Department, which was also involved in the research.

“This attack is not really complicated, but it’s no less effective, because you do not expect a phishing email from your colleague,” Zair-Bek told Reuters.

The total number of people targeted was in the double digits, and most were hit this year, he added, without elaborating.

Citizen Lab said the targets had extensive networks of contacts within sensitive communities, including high-risk individuals within Russia.

“For some, successful compromise could result in extremely serious consequences, such as imprisonment,” it said.

Cold River has emerged as one of the most prolific Russian hacking groups since it first appeared on the radar of intelligence officials in 2016.

It has escalated its hacking campaign against Kyiv’s allies following Russia’s invasion of Ukraine, and some of its members were sanctioned by U.S. and British officials in December.


