| ID | Votes | Profile Description |
|---|---|---|
| Seaborgium | 6 | Seaborgium, also known as Star Blizzard, Callisto Group, COLDRIVER, and TAG-53, is a threat actor linked to suspected Russian threat activity groups. Open-source reporting has enabled Insikt Group to profile the infrastructure used by this group, revealing significant overlaps with other known malic |
| Bluecharlie | 5 | BlueCharlie, also known as TAG-53, Blue Callisto, Callisto (or Calisto), COLDRIVER, Star Blizzard (formerly SEABORGIUM), and TA446, is a threat actor that has been linked to Russia and has reportedly been active since 2019. The group has been involved in various malicious activities including cybere |
| Callisto | 5 | Callisto, also known as Gossamer Bear, COLDRIVER, UNC4057, Star Blizzard, Blue Charlie, and SEABORGIUM, is a threat actor linked to the Russian state. This group, which has been tracked by various entities including Microsoft, Google's Threat Analysis Group (TAG), and Insikt Group, is known for its |
| Star Blizzard | 4 | Star Blizzard, also known as Seaborgium or the Callisto Group, is a threat actor linked to Russia's intelligence service, the FSB. The group has been involved in sophisticated cyber-attacks worldwide, primarily using spear-phishing campaigns to steal account credentials and data. Microsoft, which tr |
| TA446 | 3 | TA446, also known as the Callisto APT group, Seaborgium, Star Blizzard, ColdRiver, TAG-53, and BlueCharlie, is a threat actor that has been active since at least 2015. This cyberespionage entity has persistently targeted individuals and organizations involved in international affairs, defense, and l |
| Callisto Group | 3 | The Callisto Group, a threat actor identified as part of the Russian Federal Security Service, has been exposed by the United States and the United Kingdom for its malicious cyber activities. This group, also known as Coldriver and formerly tracked by Microsoft under the moniker "Seaborgium," is com |
| Calisto | 2 | Calisto, also known as BlueCharlie, Blue Callisto, TAG-53, COLDRIVER, Star Blizzard (formerly SEABORGIUM), TA446, and UNC4057, is a threat actor that has been active since 2019. This group targets a wide range of sectors and is particularly focused on individuals and organizations involved in intern |
| Gossamer Bear | 2 | Gossamer Bear, also known as Callisto, Blue Callisto, BlueCharlie (or TAG-53), Calisto, Star Blizzard (formerly SEABORGIUM), TA446, and UNC4057, is a significant threat actor that has been active since 2019. The group primarily focuses on credential harvesting and conducts hack-and-leak campaigns ta |
| Unc4057 | 2 | UNC4057, also known as ColdRiver, Star Blizzard, Blue Charlie, and Callisto, is a Russian-backed advanced persistent threat (APT) group that has been active since 2019. This group, sponsored by the Federal Security Service (FSB), has been involved in various malicious activities on behalf of the Rus |
| Blue Callisto | 1 | Blue Callisto, also known as COLDRIVER, BlueCharlie (or TAG-53), Calisto, Gossamer Bear, Star Blizzard (formerly SEABORGIUM), TA446, and UNC4057, is a malicious software program that has been active since 2019. This malware is designed to infiltrate computer systems and devices, often undetected, vi |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Spica | Unspecified | 5 | Spica is a custom malware developed and utilized by the threat group known as Coldriver. The backdoor software, Spica, was first identified by Google's Threat Analysis Group (TAG), which has been tracking its use since as early as September of the previous year. The malware appears to be used in hig |
| Lockbit | Unspecified | 1 | LockBit is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. It can enter your system through various channels such as suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt |
| Proton-decrypter.exe | Unspecified | 1 | None |
| Proton | Unspecified | 1 | Proton is a malicious software, or malware, that has been found to exploit and damage computer systems. It can infect systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, Proton has the capability to steal personal information, disrupt operation |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Starblizzard | Unspecified | 1 | None |
| Callisto Apt Group | Unspecified | 1 | None |
| Blue Charlie | Unspecified | 1 | Blue Charlie, also known as TAG-53, UNC4057, Star Blizzard, and Callisto, is a threat actor linked to Russian threat activity groups such as the Callisto Group, COLDRIVER, and SEABORGIUM. Both Microsoft and the UK government have assessed this connection. The entity is believed to be part of the wid |
| Coldriver Apt | Unspecified | 1 | Coldriver APT is a threat actor believed to originate from Russia, known for its malicious cyber activities. As per the cybersecurity industry's naming conventions, this group has been identified as an Advanced Persistent Threat (APT), indicating their capability to conduct prolonged and targeted cy |
| Frozenvista | Unspecified | 1 | None |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Star Blizzard/seaborgium | Unspecified | 2 | None |
| Frozenlake/fancy | Unspecified | 1 | None |
| Blizzard/seaborgium | Unspecified | 1 | None |
| Source | CreatedAt | Title |
|---|---|---|
| BankInfoSecurity | a month ago | European Union Sanctions Russian State Hackers |
| BankInfoSecurity | 3 months ago | US Cyber Command Expanded 'Hunt Forward' Operations in 2023 |
| CERT-EU | 5 months ago | Russian Hackers Target Ukraine Via A Disinformation Campaign |
| Securityaffairs | 5 months ago | Security Affairs newsletter Round 461 by Pierluigi Paganini |
| Securityaffairs | 5 months ago | Security Affairs newsletter Round 460 by Pierluigi Paganini |
| DARKReading | 5 months ago | Iran-Backed Charming Kitten Stages Fake Webinar Platform to Ensnare Targets |
| Securityaffairs | 5 months ago | Security Affairs newsletter Round 459 by Pierluigi Paganini |
| Securityaffairs | 6 months ago | Security Affairs newsletter Round 457 by Pierluigi Paganini |
| Securityaffairs | 6 months ago | Security Affairs newsletter Round 456 by Pierluigi Paganini |
| Malwarebytes | 6 months ago | Coldriver threat group targets high-ranking officials to obtain credentials | Malwarebytes |
| Securityaffairs | 6 months ago | Security Affairs newsletter Round 454 by Pierluigi Paganini |
| CERT-EU | 6 months ago | ColdRiver threat group targeting critical infrastructure with backdoor attacks |
| CERT-EU | 6 months ago | Russian hacker Coldriver extends tactics to include custom malware | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting |
| DARKReading | 6 months ago | Microsoft: Iran's Mint Sandstorm APT Blasts Educators, Researchers |
| InfoSecurity-magazine | 6 months ago | Russian Coldriver Hackers Deploy Malware to Target Western Officials |
| CERT-EU | 6 months ago | What is SPICA backdoor malware used by Russian hackers on Western officials? | Technology News | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting |
| CERT-EU | 6 months ago | Cyber Security Week in Review: January 19, 2024 |
| CERT-EU | 6 months ago | Google: Russian state hackers deploying malware in espionage attacks around Europe |
| CERT-EU | 6 months ago | Russian threat group COLDRIVER expands its targeting of Western officials to include the use of malware - Cyber Security Review |
| CERT-EU | 6 months ago | Russian FSB Hacking Group Turns to Malware | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting |