Russian Hackers Reportedly Attacked US Nuclear Labs

Total times read this article : 8

Russian hackers targeted three US nuclear research laboratories in a phishing scam last year, Reuters reports(Opens in a new window)

A hacking team known as Cold River reportedly created fake login pages for the Brookhaven, Argonne, and Lawrence Livermore National Laboratories and emailed them to nuclear scientists in the hope that they would reveal their passwords. 

Adam Myers, senior vice president of intelligence at cybersecurity firm CrowdStrike, told Reuters that Cold River is “involved in directly supporting Kremlin information operations.”  

The hacking attempts happened as UN experts entered Russian-controlled Ukraine to inspect Europe’s biggest atomic power plant, Reuters reports.

In its bid to convince people into entering usernames and passwords, Cold River used email accounts to register domain names that resembled legitimate services run by Google and Microsoft, security researchers told Reuters.

Cold River has reportedly been in operation since at least 2015. Email accounts that were used in the hacking group’s phishing operations between 2015 and 2020 were traced to an IT worker in the Russian city of Syktyvkar, Reuters reported.

While Moscow has consistently denied it carries out hacking operations, and there is no confirmation from Russia that is sponsoring these attacks, it is notable that Cold River has been solely targeting countries that are critics and enemies of Moscow. And Cold River’s hacking campaigns have intensified since the Russian invasion of Ukraine, according to cybersecurity researchers who spoke to Reuters.

Recommended by Our Editors

In May 2022, Reuters reports, Cold River broke into and leaked emails(Opens in a new window) that belonged to the former head of Britain’s MI6 intelligence service. 

And in another operation(Opens in a new window), the hacking group registered domain names that were an imitation of at least three European NGOs that were investigating war crimes.

These attacks are reported to have occurred just before and after the Oct. 18 launch of a UN independent commission inquiry that found Russian forces to be responsible for the “vast majority” of human rights violations in the early weeks of the Russian invasion of Ukraine.

SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.”,”first_published_at”:”2021-09-30T21:22:09.000000Z”,”published_at”:”2022-03-24T14:57:33.000000Z”,”last_published_at”:”2022-03-24T14:57:28.000000Z”,”created_at”:null,”updated_at”:”2022-03-24T14:57:33.000000Z”})” x-show=”showEmailSignUp()” class=”rounded bg-gray-lightest text-center md:px-32 md:py-8 p-4 mt-8 container-xs” readability=”31.423799582463″>

Like What You’re Reading?

Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.

Facebook Comments Box

Hits: 0

RELATED ARTICLESMORE FROM AUTHOR