The UK has warned that a Russia-based hacking group named Cold River has been conducting an expansive and ongoing information-gathering campaign in the country. An advisory issued by the National Cyber Security Centre (NCSC) said that the group has already struck various targets in government, politics, academia, defence, journalism, and activism. It further warned that Iranian hackers are also at play.
The body, which is part of Britain’s GCHQ eavesdropping intelligence agency, said that the hackers mostly target those doing research and work about Iran and Russia.
The researchers said that the hackers target people and impersonate those around them using fake email addresses and social media profiles.
“There is often some correspondence between attacker and target, sometimes over an extended period, as the attacker builds rapport,” the advisory said.
They then send fake invites to events or Zoom meetings containing malicious code. If the user clicks on the link, they are tricked into entering their login credentials on a website controlled by the group, the advisory said. This compromises their accounts and lets the hackers gain access to sensitive information.
An Iran-based group, known as Charming Kitten, has also used the same “spear-phishing” techniques to gather information, according to the NCSC. Iran’s mission to the United Nations in New York said the Iranian government knows nothing about the group.
Russia’s embassies in London and Washington have not said anything on the matter yet. The advisory did not directly attribute the digital attacks to the Russian government.
The hackers can access the victim’s email accounts, “from where they are known to access and steal emails and attachments from the victim’s inbox,” it added.
A Reuters report said that Cold River, also known as “Callisto” and “Seaborgium”, targeted three nuclear research laboratories in the United States last summer. The group also published private emails from former British spymaster Richard Dearlove in May.
Reacting to the advisory, Russia’s Foreign Ministry called it anti-Russian propaganda.
(With inputs from agencies)