"Google: Russia's ColdRiver APT Unleashes Custom 'Spica' Malware"

The Russia-backed Advanced Persistent Threat (APT) group ColdRiver, also known as Blue Charlie, Callisto, Star Blizzard, or UNC4057, has unleashed custom malware called Spica. According to Google's Threat Analysis Group (TAG), Spica is the first custom malware developed and used by ColdRiver. ColdRiver typically targets Non-Governmental Organizations (NGOs), former intelligence and military officers, and NATO governments for cyber espionage. Google TAG researchers say the Russian APT group delivers the malware through its impersonation tactic after establishing a relationship with the target. This article continues to discuss findings regarding ColdRiver's custom Spica backdoor.

Dark Reading reports "Google: Russia's ColdRiver APT Unleashes Custom 'Spica' Malware"

Submitted by Gregory Rigby