Pro-Russian hacker groups linked to Russian intelligence are targeting Kremlin critics abroad. This information comes from a Reuters report citing research by Citizen Lab and Access Now. The large-scale espionage campaign is being carried out by hacker organizations Cold River and Coldwastrel.
Cold River and Coldwastrel coordinate their activities and work in tandem, making their operations even more effective and dangerous. They are known for numerous large-scale cyberattacks on Western journalists, politicians, public figures, and governmental, non-governmental, academic, and media organizations in the U.S. and Europe that criticize the Kremlin or engage in anti-Kremlin activities.
The goal of the espionage campaign is to gather information and influence the political situation in Western countries. Since 2022, the groups have been conducting phishing attacks on prominent figures in the Russian opposition, Western think tanks, politicians, and academics. One of the victims of their attacks was former U.S. Ambassador to Ukraine, Steven Pifer. The hackers posed as another former U.S. ambassador to gain Pifer’s trust and trick him into entering his credentials on a fake website, with the aim of stealing his personal email password.
Cold River, also known as Callisto Group, has long been recognized as one of the most active and dangerous hacker groups operating under the aegis of Russian intelligence services. This group specializes in phishing attacks, creating fake emails that appear to be from trusted sources. These emails contain malicious links or attachments that, when opened, allow hackers to gain access to the victims’ accounts.
Coldwastrel is a new player in the espionage game and is just beginning to attract attention. This group also operates under the direction of Russian intelligence services, but information about its structure and methods remains limited. Coldwastrel actively collaborates with other pro-Russian hacker groups.
The activities of Russian cyber spies pose a threat to national security and have negative consequences for the Western world. They not only seek to control the information space but also actively interfere in political processes, undermine democratic institutions, and create conditions for destabilization. These attacks have potentially devastating effects, dividing societies, exacerbating internal conflicts, and weakening unity in international coalitions that support Ukraine and sanctions against Russia.