Star Blizzard Strikes Again: Russian Hackers’ New Phishing Tricks Exposed
Cybersecurity researchers have detected new spear-phishing attempts by Star Blizzard, a group linked to Russia’s FSB. Known for targeting Western entities, they impersonate trusted contacts to lure victims. Recently, they targeted Reporters Without Borders, using fake ProtonMail addresses to trick recipients into downloading malware.
Hot Take:
Looks like the Star Blizzard has moved from snowflakes to spear-phishing! These cyber tricksters are still at it, impersonating trusted contacts like it’s a bad soap opera plot. Just when you thought it was safe to open your inbox, these digital pickpockets are back with their familiar bag of tricks, now with a new twist involving ProtonMail shenanigans. It’s like the Cold War, but with more phishing and less espionage glamour!
Key Points:
– Star Blizzard, linked to Russia’s FSB, is on a spear-phishing spree targeting Western entities supporting Ukraine.
– Their modus operandi includes impersonating trusted contacts and sending malware-laden links.
– Recent attacks involved ProtonMail and ProtonDrive, with attempts thwarted by account blocks.
– The group uses sophisticated Adversary-in-the-Middle (AiTM) techniques to bypass two-factor authentication.
– Star Blizzard’s infrastructure relies heavily on Namecheap and Regway domains to track and execute campaigns.