Threat Research

    After the public disclosure of its LOSTKEYS malware in May 2025, the Russian state-sponsored threat group COLDRIVER (also known as UNC4057, Star Blizzard, and Callisto) quickly adapted, launching new malware families within just five days....
    In September 2025, our team uncovered a new multi-stage ClickFix campaign likely aimed at Russian civil society. The campaign is attributed with moderate confidence to the Russia-linked APT group COLDRIVER. COLDRIVER, also known as Star Blizzard or Callisto, is known for credential phishing and targeting NGOs, journalists, and activists....