Google uncovers ‘LOSTKEYS' malware linked to Russian-backed Cold River hackers
Google has uncovered a new strain of malware, dubbed "LOSTKEYS", believed to be the work of Cold River, a Russian-aligned hacking group reportedly connected to the country's Federal Security Service (FSB), reported Reuters.
According to a blog post published on Wednesday by Google's Threat Intelligence Group (GTIG), the newly identified malware represents a significant advancement in Cold River's cyber capabilities. LOSTKEYS is designed to steal files and transmit system data back to its operators, expanding the group's known toolkit for espionage.
Wesley Shields, a researcher at GTIG, stated that the malware signals 'a new development in the toolset' used by the group, which has a history of targeting sensitive political and strategic entities.
Cold River, also known under various aliases, has been linked to previous cyber operations aimed at high-profile Western individuals and institutions. The group's primary mission, experts say, is the collection of intelligence that furthers Russian geopolitical interests.
Recent surveillance by Google's researchers shows that, between January and April 2025, Cold River targeted advisers—both current and former—to Western governments and military institutions. Other victims reportedly included journalists, international think tanks, non-governmental organisations, and individuals associated with Ukraine.
The Russian embassy in Washington has yet to respond to requests for comment on the allegations.
Cold River has previously drawn attention for its audacious operations. In mid-2022, the group was accused of targeting three nuclear research facilities in the United States. Later that year, it was implicated in the leaking of private emails belonging to former British intelligence chief Sir Richard Dearlove, alongside other individuals associated with pro-Brexit activities.
Cybersecurity analysts warn that the emergence of LOSTKEYS underscores a broader escalation in cyber espionage tactics being employed by state-linked actors. Google has urged targeted organisations and individuals to remain vigilant and adopt updated security measures to mitigate potential risks.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
&w=3840&q=100)
Business Standard
27 minutes ago
- Business Standard
With Russia airfield attacks, Ukraine aims for strategic and symbolic blow
While the full extent of the damage is still unknown, the operation shows how Kyiv has been able to adapt and evolve over the war using drones. Ukraine's drone attacks on airfields deep inside Russia on Sunday were strategic and symbolic blows that military analysts said were designed to slow Moscow's bombing campaign and demonstrate that Kyiv can still raise the cost of war for the Kremlin. After more than a year of planning, Ukraine was able to plant drones on Russian soil, just miles away from military bases. Then in a coordinated operation on Sunday, Ukrainian drones attacked five different regions in Russia. Some were launched from containers attached to semis, their flights captured on videos verified by The New York Times. Plumes of smoke billowed above one base. At another, strategic bombers were hit. Although the full extent of the damage is unknown, the attack, known as Operation Spider's Web, showed how Ukraine is adapting and evolving in the face of a larger military with deeper resources. Using drones, Kyiv has been able to push Russia out of much of the Black Sea, limit its gains on the front lines despite Ukraine's own troop shortages, and hamper Russia's ability to amass large concentrations of forces for major offensives. The operation on Sunday, along with extensive bombardments on Ukrainian cities by Moscow, also complicate ongoing efforts for diplomacy. Delegations from both sides met Monday for peace talks in Istanbul, with no breakthrough on a cease-fire announced. After the attacks, there were calls for a swift response across Russian media, and Ukrainians braced for retaliation even as they celebrated an operation that gave their beleaguered nation a much needed morale boost. Both sides have put out assessments that were not immediately verifiable. Ukraine said that 117 drones were used in the attacks and that 41 Russian aircraft were destroyed or damaged. Russian military bloggers played down the damage; the Russian Ministry of Defense said that Ukraine had attacked airfields in the Murmansk, Irkutsk, Ivanovo, Ryazan and Amur regions, and that Moscow had thwarted attacks at three of the bases. The New York Times verified videos that showed successful strikes at Olenya Air Base in the Murmansk region and Belaya Air Base in the Irkutsk region, and damage to at least five aircraft, four of them strategic bombers. Even with limited information, military analysts said the operation ranks as a signature event on par with the sinking of the Russian flagship Moskva early in the war and the maritime drone assaults that forced the Russian Navy to largely abandon the home port of the Black Sea Fleet in Sevastopol, Crimea. 'This is a stunning success for Ukraine's special services,' said Justin Bronk, senior research fellow for air power and technology at the Royal United Services Institute in London. 'If even half the total claim of 41 aircraft damaged/destroyed is confirmed, it will have a significant impact on the capacity of the Russian Long Range Aviation force to keep up its regular large scale cruise missile salvos against Ukrainian cities and infrastructure, whilst also maintaining their nuclear deterrence and signaling patrols against NATO and Japan,' he said in an email. Mick Ryan, a retired Australian general and fellow at the Lowy Institute, a Sydney-based research group, said that 'the proliferation of drones, open-source sensors and digital command and control systems means that long-range strike is now a commodity available to almost every nation state, and nonstate actor, with a few million dollars and the desire to reach out and strike their adversary.' Mr. Zelensky, in comments on Monday at a NATO meeting of Baltic and Nordic countries, said the operation showed Russia that it is also subject to serious losses, and 'that is what will push it toward diplomacy.' However, Mr. Ryan and other analysts cautioned that despite the nature of the attacks, they are unlikely to alter the political calculus of President Vladimir V. Putin of Russia, who remains bent on achieving his war aims. The operation is part of an evolving campaign Behind Ukraine's operation was a basic goal: Kill the archer instead of trying to stop the arrows. It is part of an ever-evolving campaign by Ukraine to play offense rather than defense, by targeting Russian missile platforms on land, air and sea. In December 2022, nine months into the war, Ukraine executed one of its first ambitious attacks on Russian territory, targeting two airfields hundreds of miles inside the country using long-range drones. As the drone strikes expanded over the years, Russia adapted, building protective structures around fuel depots at the bases, bringing in more air defense assets and routinely repositioning its fleet. Ukraine needed a new plan if it hoped to inflict serious damage. They came up with 'Operation Spider's Web,' which Ukrainian officials said was overseen personally by Mr. Zelensky and managed directly by the head of the S.B.U., Vasyl Malyuk. The idea was to bring small, first-person-view, or FPV, drones close enough to the airfields to render traditional air defenses systems useless. The Ukrainians on Monday offered an unusually detailed public account of the operation. Over the course of many months, they said, dozens of FPV drones were transported into Russia; the scale of the operation could not be independently verified. Mr. Zelensky claimed they set up a base of operations at a warehouse close to a regional headquarters of Russia's domestic intelligence agency, known as the F.S.B. Once the drones were smuggled into Russia, they were packed onto pallets inside wooden transport containers with remote-controlled lids and then loaded onto trucks, the S.B.U. statement said. There was no indication that the drivers of the trucks knew what they were hauling, Ukrainian officials said. Mr. Zelensky said that all of the Ukrainian agents involved in the operation had made it safely out of Russia before the operation commenced, a claim that could not be independently verified. The Russian government, in a statement on Sunday, said that some of those involved in the attack had been detained. Ukraine planted drones inside Russia One video verified by The Times shows a drone approaching Belaya air base before a strike. Other verified footage shows two drones launched from containers mounted on the back of a semi-truck less than four miles away. They fly in the direction of large smoke plumes now rising from the base. Footage recorded shortly afterward shows the same containers ablaze, their tops beside them on the ground. Ukrainian officials said in their account that the transport crates were rigged to self-destruct after the drones were released. Another video verified by the Times shows drones flying less than four miles from the Olenya air base. The man recording it suggests that the drones had been launched from a truck parked just down the road. The Times could not confirm that the drones in the various videos were part of the assault. In its assessment, Ukraine said the 41 planes accounted for 34 percent of the strategic cruise-missile carriers at air bases across three time zones. The Times was able to verify that four TU-95 bombers and one Antonov cargo plane were hit. Russian military bloggers claimed the Ukrainian damage estimates were inflated. One influential Russian military blogger, Rybar, run by Mikhail Zvinchuk, put the number of damaged Russian aircraft at 13, including up to 12 strategic bombers. Another one, Fighterbomber, believed to be run by Capt. Ilya Tumanov of the Russian Army, said in a post on Monday that only 'a handful' of strategic aircraft were hit, but even such a loss was 'huge for a country that doesn't make them.' Col. Markus Reisner, a historian and officer in the Austrian Armed Forces, said that the best Western estimates suggest that Russia had slightly over 60 active Tu-95s and around 20 Tu-160 bombers. 'Replacing losses will be very challenging,' he said. Ben Hodges, a retired general who commanded the U.S. Army Europe, said the available evidence suggests that the operation put a 'real dent' in Russia's ability to launch large salvos of cruise missiles. 'The surprise that they achieved will have a shock on the system as the Russians try to figure out how these trucks loaded with explosives got so deep inside of Russia,' he said. The attack raises new risks Mr. Zelensky said the attack was not only designed to undercut Russia's ability to bombard Ukrainian cities but to increase pressure on the Kremlin to accept an unconditional cease-fire. 'It was the Russians who chose to continue the war — even under conditions where the entire world is calling for an end to the killing,' he said in his nightly address to the nation. 'And pressure is truly needed — pressure on Russia that should bring it back to reality.' There was no indication that the attack had changed the Kremlin's belief that it holds an advantage over Ukraine, counting on the weakening resolve of Kyiv's allies and its ability to grind down vastly outnumbered Ukrainian forces. There was also the risk that Ukraine's allies would be rattled by the attack and the general pattern of escalation in recent weeks as Russia steps up its own bombardments. But Mr. Ryan said the strikes also show how Ukraine is evolving so that it is less reliant on U.S. intelligence in the event of 'shut offs' like earlier this year. The operation, he said, demonstrates 'how success in war is biased toward those who learn and adapt the quickest.'
Hindustan Times
31 minutes ago
- Hindustan Times
Britain says US agrees on need to implement tariff deal soon
LONDON/PARIS - Britain and the United States have agreed on the need to implement a tariff relief deal between the countries as soon as possible, the UK government said, after their trade envoys met on the eve of impending higher tariffs on steel. British Prime Minister Keir Starmer and U.S. President Donald Trump agreed to reduce tariffs on British imports of cars and steel to the United States last month, with Britain agreeing to lower tariffs on beef and ethanol. But a delay in implementing the deal means steel tariffs may go up before they come down, as Trump last week said that tariffs on imported steel would rise to 50% from 25% starting on Wednesday. Industry body UK Steel said it understood that British producers were likely to be affected, which would be a "body blow" to the sector. British trade minister Jonathan Reynolds met U.S. Trade Representative Jamieson Greer on Tuesday to discuss the pace of implementation of the deal. "The pair discussed their shared desire to implement the Economic Prosperity Deal, including implementing agreements on sectoral tariffs as soon as possible," Britain's trade ministry said in a statement after the meeting. "The pair agreed that businesses and consumers on both sides of the Atlantic must start to feel the benefits of the deal soon, with both sides committing to work closely to make that happen." Greer's office did not have an immediate comment. Before the meeting Starmer's spokesperson said that, once implemented, the deal with Washington would eliminate tariffs on the "majority of steel products" exported to the United States, and that "we'd continue to expect that to be the case" regardless of the 50% tariff announced by Trump. He also said that industry minister Sarah Jones was meeting with representatives from the steel sector on Tuesday. Asked earlier if the 50% tariffs would go ahead on Wednesday, Greer, speaking French with reporters in Paris, said: "We'll see." Reynolds is on a three-day trip to Paris and Brussels. After meetings with Group of Seven and OECD counterparts in Paris, he will hold talks with EU trade commissioner Maros Sefcovic. Britain struck deals with the U.S. and the European Union - its two biggest trading partners - last month, but both are political pacts rather than formal trade agreements, and the details of their implementation have not been set out. With the EU deal, plans to remove red tape on the food sector are yet to be finalised. In advance of that agreement coming into force, Britain on Monday said it would scrap border checks on fruit and vegetables imported from the EU that had been due to be effective beginning in July.
Time of India
an hour ago
- Time of India
Quad ministers set to meet soon, clear decks for summit India will host
Quad foreign ministers are likely to meet soon in Washington as India gears up to host the summit later this year. It's learnt that discussions are underway to have the meeting of the informal strategic group involving Australia, India, Japan either in late June or early July, depending upon the availability of the ministers. The meeting of the foreign policy chiefs, if it happens, will lay the ground for the summit that will see US President Donald Trump, Japanese PM Shigeru Ishiba and his Australian counterpart Anthony Albanese travelling to India. With the US keen on hosting it, the meeting will again underscore the Trump administration's unwavering commitment to the group Trump helped revive during his first term - and which has evolved rapidly to work towards a free, open, inclusive, prosperous and resilient Indo-Pacific – in the middle of Washington's efforts to improve trade ties with China. The Trump administration's diplomatic engagements in fact kicked off with a meeting of the Quad foreign ministers on January 21 this year, a day after the president was sworn in for the second time. Quad has remained ring-fenced from differences that partners have had with the US over trade and tariff issues and, in the case of India, the unease here over some of the claims made by the US about its role in the India-Pakistan military clash last month. The meeting will also provide an opportunity for external affairs minister S Jaishankar to review India-US cooperation with his counterpart Marco Rubio in a bilateral meeting, including the ongoing efforts for a bilateral trade agreement. While Russia and China continue to see Quad as an exercise in containment, India believes the grouping's agenda is constructive and practical, focused as it is on infrastructure, debt sustainability, healthcare, critical and emerging technologies, UN reforms, climate change and humanitarian assistance. And that focus will remain unchanged even as India's ties with China improve considerably. Counterterrorism is also an important focus area for Quad and a strong condemnation of the Pahalgam terrorist attack can be expected from the meeting. In the past, Quad leaders have condemned the Mumbai and Pathankot terrorist attacks and also called upon all States to uphold international standards on anti-money laundering and combating terror-financing, in line with FATF recommendations. While the date for the Quad summit has not been finalized yet, it will probably take place within months of the scheduled meeting of Shanghai Cooperation Organisation (SCO) leaders in China in late August or early September. PM Narendra Modi has neither accepted nor rejected the invitation for the SCO summit but it's unlikely that the event will not see participation at any level by India as working concurrently with these groups allows it to amplify its strategic autonomy. In addition to that, India is also hoping to host Russian President Vladimir Putin for the annual summit this year.
