Since the start of the year, the Russian state-backed ColdRiver hacking group has been using new LostKeys malware to steal files in espionage attacks targeting Western governments, journalists, think tanks, and non-governmental organizations.

In December, the United Kingdom and Five Eyes allies linked ColdRiver to Russia’s Federal Security Service (FSB), the country’s counterintelligence and internal security service.

Google Threat Intelligence Group (GTIG) first observed LostKeys being “deployed in highly selective cases” in January as part of ClickFix social engineering attacks, where the threat actors trick targets into running malicious PowerShell scripts.
