Russian hackers targeted three US nuclear research laboratories in a phishing scam last year, Reuters reports.
A hacking team known as Cold River allegedly created fake login pages for Brookhaven, Argonne and Lawrence Livermore National Laboratories and sent them to nuclear scientists in the hope that they would reveal their passwords.
Adam Meyers, senior vice president of intelligence at cybersecurity firm CrowdStrike, told Reuters that Cold River is “involved in direct support of the Kremlin’s information operations.”
The hacking attempts occurred when UN experts entered Russian-controlled Ukraine to inspect Europe’s largest nuclear power plant, reports Reuters.
In its attempt to convince people to enter usernames and passwords, Cold River used email accounts to register domain names that resembled legitimate services run by Google and Microsoft, security researchers told Reuters.
Cold River has reportedly been operating since at least 2015. Email accounts used in the hacker group’s phishing operations between 2015 and 2020 were traced to an IT worker in the Russian city of Syktyvkar, Reuters reported.
While Moscow has consistently denied that it conducts hacking operations, and there is no confirmation of Russia sponsoring these attacks, it is notable that Cold River has exclusively targeted countries that are critics and enemies of Moscow. And Cold River’s hacking campaigns have intensified since the Russian invasion of Ukraine, according to cybersecurity researchers who spoke to Reuters.
In May 2022, Reuters reports, Cold River broke into and leaked emails which belonged to the former head of Britain’s MI6 intelligence service.
And in another operation, the hacker group registered domain names impersonating at least three European NGOs investigating war crimes.
These attacks are reported to have occurred shortly before and after the launch of an independent UN commission of inquiry on 18 October which found that Russian forces were responsible for the “vast majority” of human rights abuses in the first weeks of the Russian invasion of Ukraine.