Russian cyberspies linked to the Kremlin’s Federal Security Service (FSB) are moving beyond their usual credential phishing antics and have developed a custom backdoor that they started delivering via email as far back as November 2022, according to Google’s Threat Analysis Group. TAG tracks this crew as COLDRIVER, while other threat hunters call the government-backed gang Star Blizzard, UNC4057 and Callisto.

Source: The Register