Russian hackers accused of targeting US and Ukrainian organizations have set their sights on the North Atlantic Treaty Organization and multiple Eastern European countries, Google’s Threat Analysis Group (TAG) said Wednesday, reinforcing US officials’ warnings about Russian-based cyberattacks on global targets.
A Russian-based hacking group known as COLDRIVER or Callisto has targeted one of NATO’s Centers of Excellence military training organizations, as well as multiple unnamed Eastern European nations, Google said in a TAG blog Wednesday.
Google says these are the first observed attempts by COLDRIVER to target the NATO training center or the Eastern European countries.
The hackers attempted to carry out phishing campaigns, a type of cyberattack that seeks to steal user data like usernames, passwords or credit card information using email addresses that appear to belong to trusted entities.
Google said it is unsure whether the attacks were successful, as the hackers targeted non-Google email addresses using new Gmail accounts, but it has not spotted any successful phishing attacks on Gmail accounts during these campaigns.
COLDRIVER has also attempted phishing attacks against multiple unnamed US-based non-governmental organizations, a Ukrainian defense contractor and the military of an unnamed Balkan country, Google said.