COLDRIVER Expands Beyond Phishing, Incorporating Custom SPICA Backdoor

Threat Level – Red | Vulnerability Report
Download PDF

The threat actor associated with Russia, known as COLDRIVER or Star Blizard, has expanded its tactics from mere credential harvesting. The group has initiated campaigns where PDFs are employed as lure documents to distribute malware. Notably, COLDRIVER has introduced its first custom malware, the SPICA backdoor, written in the Rust programming language.

Threat Level – Red | Attack Report

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox