Reports suggest that Russian national security agencies are stepping up their phishing attacks on civilians in the United States, Europe, and Russia. These attacks, which are increasingly sophisticated, often involve impersonating individuals with personal ties to the victims. Security researchers have also found evidence of Iranian hacking targeting advisers to President Donald Trump.
State-sponsored hacking efforts have a history of targeting political figures, as seen in the case of Hillary Clinton during the 2016 election. However, recent attacks linked to the Russian government are growing in complexity, leveraging both social engineering tactics and advanced technology.
Research indicates that these phishing attacks are carried out by threat actors like Coldriver and Coldwastrel, believed to be linked to the Russian Federal Security Service (FSB). These attacks pose a significant risk to the safety and security of their targets, especially those with connections to sensitive communities.
The attackers typically start by impersonating known contacts of the targets, asking them to review encrypted documents. By tricking the target into entering their login credentials, the attackers can gain access to sensitive information, including email accounts and online storage.
Natalia Krapiva of Access Now warns that independent Russian media and human rights organizations are particularly vulnerable to these attacks, given their limited resources for defense. Targeted individuals, including Russian opposition figures and NGO officials, face heightened risks due to their extensive networks.
Security experts advise caution when receiving unsolicited emails requesting document reviews, especially if they appear to be encrypted or come from unknown sources. Vigilance is crucial to prevent falling victim to these increasingly sophisticated phishing attacks.
Source: www.theguardian.com
