Russian cyber group Star Blizzard unleashes a global spear-phishing attack

Russian cyber group Star Blizzard unleashes a global spear-phishing attack

A menacing hacker group with ties to the Kremlin is attacking Americans

by Kunal Kohli and Kurt Knutsson

A Russian hacking group tied to the Kremlin has unleashed a global attack. They are using what appear to be links to innocent websites to steal information. These hackers from Star Blizzard which formerly operated as SEABORGIUM, are also known as Callisto Group/TA446/COLDRIVER/TAG-53/BlueCharlie. The dangerous group is targeting anyone who might have information they can use. They’re even going after the U.S. government.

 

Who Star Blizzard has attacked so far

So far, Star Blizzard has attacked people tied to academics, defense, government organizations, and more in both the U.S. and the U.K. According to the U.S. Cybersecurity and Infrastructure Security Agency, the group is also targeting NATO members and countries near China.

 

What is spear-phishing

Spear-phishing is an attack where hackers target specific groups or individuals. They think their victims either have the information they want or have direct access to it. In this case, we don’t know what information Star Blizzard wants. However, we do know how their operation works.

MORE: HOW TO OUTSMART CRIMINAL HACKERS BY LOCKING THEM OUT OF YOUR DIGITAL ACCOUNTS 

 

How Star Blizzard hackers use social engineering to trick you

According to the CISA, Star Blizzard hackers will use social media and networking platforms to stalk their victims. They’ll take their time to really get to know their target.

They’ll then create fake email accounts such as Outlook, Gmail, and others, plus social media profiles to impersonate your close contacts or experts. Hackers will even go so far as to create malicious websites that appear to be legitimate to fool you.  And the CISA says there have been cases where attackers have created fake event invitations to lure their victims.

GET MY FREE CYBERGUY REPORT
Subscribe to receive my latest Tech news, security alerts, tips and deals newsletter.

By signing up, you agree to our Terms of Service and Privacy Policy. You may unsubscribe at any time.
Tips to avoid our newsletters going to your junk folder

 

The trap of Star Blizzard hackers

From there, they’ll reach out to you and begin to draw you into their trap. Usually, they’ll look for common interests to help spark a conversation. Hackers will then send a malicious link, posing as a Google Drive, OneDrive, or another link where you’d have to log on to a platform.

According to Microsoft, some of the common URLs that Star Blizzard hackers use look like this (for safety reasons, the exact URL has been modified):

  • https://drive.google.com/file/d/XXXXXXXXXXXXXX/view?usp=sharing
  • https://onedrive.live.com/?authkey=%XXXXXXXXXXXXXXXXXXXXXXXXXX%XXXX&cid=8XXXXXXXXX9B7
  • https://www.dropbox.com/s/XXXXXXXXXXXXX/Star_Blizzard_Report.pdf?dl=0

These URLs may look legitimate, but they are actually designed to trick you into entering your credentials or downloading malicious files. You should never click on any link that you receive from an unknown or suspicious source.

If you do, the hackers can steal your information as soon as you type it in, download it, or click a malicious file or link. Once you do this then they have full access to your account. From there, your information is theirs to have and use.

 

MORE: THE NEW IPHONE SECURITY THREAT THAT ALLOWS HACKERS TO SPY ON YOUR PHONE 

 

How you can protect yourself from Star Blizzard hackers

Be careful about clicking on links in emails or messages from unknown or suspicious sources, especially on social media and networking platforms, as that’s how Star Blizzard hackers like to stalk their victims. They might lead you to malicious websites that can steal your information or infect your device with malware.

Verify the identity of the sender before opening any attachments or downloading any files. You can do this by checking their email address, social media profile, or other online presence. If you are not sure, you can contact them through another channel to confirm.

Use strong and unique passwords for your online accounts and change them regularly. Be sure to use separate passwords for email accounts and try to avoid re-using the same passwords over and over again. Using the same password across multiple platforms will always make you more vulnerable because if one account gets hacked, they all get hacked. You can also use a password manager to store and generate secure passwords for you. This way, you can prevent cybercriminals like Star Blizzard hackers from accessing your accounts if they compromise one of them.

Enable two-factor authentication (2FA) for your online accounts whenever possible. This adds an extra layer of security by requiring a code or a device to log in. This way, even if the Russian hacking group gets your password, they won’t be able to access your account without the second factor.

Keep your software and devices updated with the latest security patches and updates. This can help you fix any vulnerabilities or bugs that Star Blizzard hackers might exploit.

Have good antivirus software on all your devices: The best way to protect yourself from having your data breached is to have antivirus protection installed on all your devices. Having good antivirus software actively running on your devices will alert you of any malware in your system, warn you against clicking on any malicious links in phishing emails, and ultimately protect you from being hacked by Star Blizzard hackers.  

Special for CyberGuy Readers:  My #1 pick is TotalAV, and you can get a limited-time deal for CyberGuy readers: $19 your first year (80% off) for the TotalAV Antivirus Pro package.  

Get my picks for the best 2023 antivirus protection winners for your Windows, Mac, Android & iOS devices.

Best Antivirus Protection 2023

 

MORE: FREE ANTIVIRUS SOFTWARE: SHOULD YOU USE IT?

 

I’ve been scammed by Star Blizzard hackers! What to do next?

Below are some next steps if you find you or your loved one is a victim of identity theft.

1) If you can regain control of your accounts, change your passwords and inform the account provider.

2) Look through bank statements and checking account transactions to see where outlier activity started.

3) Use a Fraud protection service. (Cyberguy) Identity Theft companies can monitor personal information like your Social Security Number (SSN), phone number, and email address and alert you if it is being sold on the dark web or being used to open an account.  They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.  

My top recommendation is Identity GuardOne of the best parts of using Identity Guard includes identity theft insurance of up to 1 million dollars to cover losses and legal fees and a white glove fraud resolution team where a US-based case manager helps you recover any losses.

Special for CyberGuy Readers:  Save up to 51% with my top recommendation is Identity Guard.

Read more of my review of best identity theft protection services here.

Best identity theft protection services 2023

4) Report any breaches to official government agencies like the Federal Communications Commission.

5) You may wish to get the professional advice of a lawyer before speaking to law enforcement, especially when you are dealing with criminal identity theft, and if being a victim of criminal identity theft leaves you unable to secure employment or housing

6) Alert all three major credit bureaus and possibly place a fraud alert on your credit report.

7) Run your own background check or request a copy of one if that is how you discovered your information has been used by a criminal.

If you are a victim of identity theft, the most important thing to do is to take immediate action to mitigate the damage and prevent further harm.

 

Kurt’s key takeaways

Let’s take a step back and look at the big picture: a Russian hacker group connected to the Kremlin is breaking into Americans’ computers and stealing our information. With global strife growing, it’s important we protect ourselves on all fronts, including the cyber front. Make sure you’re protected by using antivirus software, a password manager, and other tools.

What are some other ways you protect yourself online? Are you worried about the threat of global hacking groups? Let us know by commenting below.

FOR MORE OF MY SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE

Answers to the most asked CyberGuy questions:

 

 

 

Copyright 2023 CyberGuy.com.  All rights reserved.  CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.


   

Leave a Comment

GET MY FREE CYBERGUY REPORT
Subscribe to receive my latest Tech news, security alerts, tips and deals newsletter. (We won't spam or share your email with anyone else.)

By signing up, you agree to our Terms of Service and Privacy Policy. You may unsubscribe at any time.

Tips to avoid our newsletters going to your junk folder