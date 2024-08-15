Russian state-backed threat groups Coldriver and Coldwastrel have launched increasingly advanced phishing attacks against civil society members across the U.S., Europe, and Russia, with the former targeting former U.S. ambassador to Ukraine Steven Piher and Russian news organization Proekt Media publisher Polina Machold, and the latter aiming for Russian interests, reports The Guardian.

Attacks by both hacking operations mostly involved the delivery of malicious emails seeking a review of a purportedly encrypted PDF attachment, which seeks targets' password and two-factor authentication code to facilitate email access and online storage compromise, an analysis from Citizen Lab and Access Now revealed. "This investigation shows that Russian independent media and human rights groups in exile face the same type of advanced phishing attacks that target current and former US officials. Yet they have many fewer resources to protect themselves, and the risks of compromise are much more severe," said Access Now Senior Tech Legal Counsel Natalia Krapiva.