Callisto Group

Threat Actor Profile Updated 13 days ago
Download STIX
Preview STIX
The Callisto Group, also known as Star Blizzard and Coldriver, is a threat actor originating from Russia. A threat actor refers to an entity that executes actions with malicious intent, which could range from individuals to government entities. The Callisto Group has been recognized for its advanced spear-phishing campaigns, which were highlighted in a joint cybersecurity advisory published by the Cyber National Mission Force in collaboration with the FBI, the Cybersecurity and Infrastructure Security Agency, and other international cyber authorities. In recent developments, the activities of the Callisto Group have been exposed by both the United Kingdom and the United States. This exposure was reported in multiple articles on the Security Affairs website, indicating significant international attention and concern towards this group's activities. The reports detail their sophisticated cyber-espionage tactics, which primarily target government, military, and security organizations. In response to these revelations, both the US and UK have taken action against the Callisto Group. Sanctions have been imposed on members of the group, demonstrating a firm stance against their malicious activities. These measures aim to disrupt the group's operations and serve as a deterrent for similar threat actors. While this marks a significant step in combating such cyber threats, it also underscores the ongoing challenge posed by state-sponsored cybercrime.
What's your take? (Question 1 of 5)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Seaborgium
4
Seaborgium, also known as Star Blizzard, Callisto Group, and Coldriver, is a threat actor believed to be linked to Russia's Federal Security Service (FSB), specifically its Center 18 cyberespionage unit. The group has been active for nearly a decade, conducting spear-phishing campaigns against Briti
COLDRIVER
3
Coldriver, also known as Star Blizzard and Callisto Group, is a Russian Advanced Persistent Threat (APT) actor that has been identified as a significant cybersecurity threat. Notably, Google's Threat Analysis Group (TAG) has issued warnings about Coldriver's use of a custom backdoor in its operation
Star Blizzard
3
Star Blizzard, also known as Seaborgium or the Callisto Group, is a threat actor linked to Russia's intelligence service, the FSB. The group has been involved in sophisticated cyber-attacks worldwide, primarily using spear-phishing campaigns to steal account credentials and data. Microsoft, which tr
Callisto
2
Callisto, also known as COLDRIVER, TAG-53, Star Blizzard, and UNC4057 among others, is a threat actor believed to be linked with Russian state interests. The group has been involved in a range of malicious activities including credential harvesting campaigns, disinformation, and espionage. Notably,
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Phishing
Blizzard
Russia
Apt
Government
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the Callisto Group Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
Securityaffairs
2 months ago
Security Affairs newsletter Round 465 by Pierluigi Paganini
Securityaffairs
4 months ago
Security Affairs newsletter Round 453 by Pierluigi Paganini
CERT-EU
5 months ago
UK and US expose Russia Callisto Group's activity and sanction members
CERT-EU
5 months ago
Two Russian National Charged for Hacking Government Accounts | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting
CERT-EU
5 months ago
Russian Nationals Charged in Connection with Global Hacking Campaign | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting
CERT-EU
5 months ago
Russian hackers accused of targeting U.S. intelligence community with spear phishing campaign | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting
Securityaffairs
2 months ago
Security Affairs newsletter Round 461 by Pierluigi Paganini
Securityaffairs
5 months ago
Security Affairs newsletter Round 449 by Pierluigi Paganini
Securityaffairs
12 days ago
Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs
a month ago
Security Affairs newsletter Round 466 by Pierluigi Paganini
CERT-EU
5 months ago
Cyber Security Today, Week in Review for Friday, December 8, 2023 | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
Securityaffairs
5 months ago
Security Affairs newsletter Round 452 by Pierluigi Paganini
Securityaffairs
19 days ago
Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION
CERT-EU
5 months ago
UK accuses Russia of democratic interference
InfoSecurity-magazine
5 months ago
UK Government Warns of Russian Cyber Campaigns Against Democracy
Securityaffairs
2 months ago
Security Affairs newsletter Round 463 by Pierluigi Paganini
CERT-EU
4 months ago
Google says Russian espionage crew behind new malware campaign | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting
CERT-EU
5 months ago
Security Affairs newsletter Round 452 by Pierluigi Paganini | #ransomware | #cybercrime | National Cyber Security Consulting
Securityaffairs
a month ago
Security Affairs newsletter Round 467 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs
4 months ago
Security Affairs newsletter Round 456 by Pierluigi Paganini