Russian hackers attack US nuclear labs – media

Experts were able to trace the whereabouts of one of the members of one of the hacker groups. Apparently the Russian lives in Syktyvkar.

In the summer of 2022, the Cold River hacker group attacked three US nuclear research laboratories, Reuters reports.

Between August and September, Cold River was reported to have attacked the Brookhaven (BNL), Argonne (ANL), and Lawrence Livermore (LLNL) National Laboratories. The hackers created fake pages for each institution and emailed scientists to get them to give away important passwords.

The publication reported that it is not yet clear whether the attacks were successful. According to cybersecurity researchers and Western government officials, Cold River stepped up its hacking campaign against Kiev’s allies following Russia’s invasion of Ukraine. The attack began when IAEA experts went to the now occupied Zaporizhzhia nuclear power plant.

Journalists write that the Cold River group first came to the attention of intelligence experts after the 2016 attack on the British Foreign Office.

According to the senior vice president of intelligence at the American company CrowdStrike, this hacker group directly supports the Kremlin’s information operations.

The article said that, according to many Western officials, the Russian government is the world leader in hacking attacks and uses cyber espionage to spy on foreign governments. In this way, Moscow seeks to gain a competitive advantage.

The publication writes that five experts in the field of cybersecurity, with whom journalists spoke, confirmed that the Cold River group was involved in attempts to break into nuclear laboratories.

Group’s ties with Russia

Cold River has reportedly made several mistakes in recent years that have allowed cybersecurity analysts to pinpoint the exact location and identity of one of its members. This is the clearest indication that the group is of Russian origin.

Journalists write that several personal email addresses used for the Cold River attacks belong to Andrei Korinets, a 35-year-old IT specialist and bodybuilder from Syktyvkar.

Billy Leonard, a security engineer on Google’s Threat Intelligence Team, said Korinets was definitely linked to the Cold River attacks.

Vincas Ciziunas, a security researcher at Nisos who linked Korinets’ email addresses to Cold River events, discovered a series of Russian-language Internet forums where Korinets discussed hacker attacks.

Journalists interviewed Korinets. He confirmed that the accounts belonged to him, but refused to acknowledge his involvement in Cold River. He said he was fined by a Russian court for his sole hacking experience.

However, journalists were reportedly able to verify Korinets’ ties to Cold River themselves, using data collected through cybersecurity research platforms Constella Intelligence and DomainTools, which help identify website owners. It appears that Korinets’ email addresses are registered on numerous websites used in “Cold River” hacking campaigns between 2015 and 2020. It is unclear whether Korinets has been involved in hacking operations since 2020.

Previously, Focus wrote that hackers had broken into a top hospital in Belarus and leaked the PCR tests of Lukashenko and his son. Alexander and Nikolai Lukashenko received certificates on the eve of the meeting with Vladimir Putin. The time of issue indicates that the certificates were issued without a test.

It was also reported that the Russians disclosed a record number of data leaks. Since the beginning of the Russian Armed Forces’ invasion of Ukraine, hackers have released one and a half times more data than in the last three years combined.

Source: Focus
