Latest news with #Russian-aligned
Mint
07-05-2025
- Politics
- Mint
Google uncovers ‘LOSTKEYS' malware linked to Russian-backed Cold River hackers
Google has uncovered a new strain of malware, dubbed "LOSTKEYS", believed to be the work of Cold River, a Russian-aligned hacking group reportedly connected to the country's Federal Security Service (FSB), reported Reuters. According to a blog post published on Wednesday by Google's Threat Intelligence Group (GTIG), the newly identified malware represents a significant advancement in Cold River's cyber capabilities. LOSTKEYS is designed to steal files and transmit system data back to its operators, expanding the group's known toolkit for espionage. Wesley Shields, a researcher at GTIG, stated that the malware signals 'a new development in the toolset' used by the group, which has a history of targeting sensitive political and strategic entities. Cold River, also known under various aliases, has been linked to previous cyber operations aimed at high-profile Western individuals and institutions. The group's primary mission, experts say, is the collection of intelligence that furthers Russian geopolitical interests. Recent surveillance by Google's researchers shows that, between January and April 2025, Cold River targeted advisers—both current and former—to Western governments and military institutions. Other victims reportedly included journalists, international think tanks, non-governmental organisations, and individuals associated with Ukraine. The Russian embassy in Washington has yet to respond to requests for comment on the allegations. Cold River has previously drawn attention for its audacious operations. In mid-2022, the group was accused of targeting three nuclear research facilities in the United States. Later that year, it was implicated in the leaking of private emails belonging to former British intelligence chief Sir Richard Dearlove, alongside other individuals associated with pro-Brexit activities. Cybersecurity analysts warn that the emergence of LOSTKEYS underscores a broader escalation in cyber espionage tactics being employed by state-linked actors. Google has urged targeted organisations and individuals to remain vigilant and adopt updated security measures to mitigate potential risks.
Boston Globe
27-02-2025
- Politics
- Boston Globe
Long shunned, pro-Russia politicians in Ukraine see an opening
The politicians are posting widely viewed videos on social media in which they have promoted themselves as future candidates; criticized President Volodymyr Zelensky and his government; and praised Trump. Advertisement The efforts are unlikely to gain much traction in a country that remains overwhelmingly hostile to Russia and the people who have supported it. But analysts say the videos, which are rife with misinformation, could nonetheless stoke divisions at a time when Ukraine's unity and its leaders are under threat from a hostile Trump. Oleksandr Dubinsky, a former member of Parliament, has produced videos promoting what he calls a pro-Trump and pro-peace agenda from prison, where he is serving time for treason. His videos place blame on Ukraine's leaders for the war, saying they are committing genocide against the Ukrainian people, an echo of Russian propaganda. Since November, when Trump was elected to a second term, the audience for Dubinsky's jailhouse videos on TikTok has grown from about 40,000 to nearly 1.6 million views. On Feb. 20, two days after Trump called Zelensky a 'dictator,' Dubinsky announced that he would run for president if an election were held. Ukraine was in danger of falling into a 'new form of dictatorship,' Dubinsky said, accusing Zelensky of forcing his most prominent potential challengers to renounce running for election. A former head of the Opposition Platform for Life, Yuriy Boyko, had no activity on social media until early December, when he started posting videos from a newly opened TikTok account. In the videos, he blames 'Ukrainian radicals' for laws sidelining Russian language in public spaces, a theme that has long been voiced by Putin. Advertisement The pro-Russian politicians appear to have at least some support within the Trump administration. In 2023, Tulsi Gabbard, who is now serving as the national intelligence director, criticized the banning of Opposition Platform for Life, saying that Zelensky had 'outlawed opposition political parties.' However, other opposition parties have been operating freely in Ukraine. The term 'pro-Russian' in Ukrainian politics is generally applied to figures linked to the country's former Russian-aligned president, Viktor Yanukovych, who fled to Moscow after a street uprising in 2014. Former members of Opposition Platform for Life who were once affiliated with Yanukovych still hold about two dozen seats in Parliament. Political analysts say the pro-Russia politicians had seen an opening provided by the demands for an election by Moscow to destabilize Ukraine from within. 'The role of pro-Russian politicians is to introduce divisive topics into society,' said Oleh Saakyan, a political analyst at the National Platform for Resilience and Social Cohesion, an independent think tank. 'They aim to create divisions between groups like veterans and nonveterans, refugees and those who stayed in Ukraine, and pit them against each other.' Russia appears to be backing a three-stage plan for ending the war that would center on the holding of elections in Ukraine. Under the plan, which emerged after a high-profile meeting in Saudi Arabia this month between US and Russian officials, there first would be a temporary cease-fire, followed by elections in Ukraine, and then signing a peace agreement with a newly elected president. Ukraine was due to hold a presidential election in early 2024, but the government and civil society groups have agreed that it is impossible to hold an election at a time of war. Advertisement Most Ukrainian politicians and analysts say they believe Russia is trying to stir political infighting in Ukraine to distract from the defense of the country and that Moscow would use the time to regroup and build up forces for renewed combat. 'When elections cannot be held according to democratic standards, they become a tool in Russia's hands to attack democracy instead of supporting it,' Saakyan said. This article originally appeared in
Yahoo
27-02-2025
- Politics
- Yahoo
Trump's actions at the UN represent a radical new realignment with Russia
At the United Nations on Monday, the United States sided with Russia multiple times in a remarkable break from its international diplomatic posture since Russia's invasion of Ukraine in 2022. The American move made it clearer than ever: that President Donald Trump is pursuing a radical new alignment with Russia and, in the process, a new global order. First, the U.S. voted against a U.N. resolution that condemned Russia's invasion of Ukraine. The resolution, which called for Russia's withdrawal from Ukraine's internationally recognized borders, was backed by major European countries and Ukraine, and passed with the support of 93 U.N. member states. The U.S. was not among them. Instead, it voted in the same camp as nondemocratic Russian-aligned countries such as North Korea and Belarus, and against its allies across the Western world. (Notably, Israel joined the U.S. in its own precedent-breaking vote against the condemnation of Russia.) Crucially, the Trump administration declined to take a softer, middle-ground position of abstaining from the vote. That's what some Russia-friendly countries such as China and Iran did, allowing those countries to avoid either endorsing interventionism or hurting their warm relationship with Russia. Abstention was also the move for a lot of countries across Latin America, Asia and Africa that have made clear that they have no desire to get involved on either side of the Russia-Ukraine war. But in voting against the resolution — after reportedly pressuring Ukraine to drop it — the U.S. flipped its position on the war upside-down and diplomatically absolved Russia for the brutal invasion of its neighbor. After that vote, the U.S. presented its own resolution at the U.N. Security Council calling for a 'swift end to the conflict between Russia and Ukraine' — but omitted any critical mention of Russia. U.S. allies on the Security Council, such as the United Kingdom and France, tried to amend the language of the resolution to reflect who was to blame for the war, and attempted to delay a vote on the measure. But they failed in their efforts. Ultimately, the U.K. and France — and three other European countries — abstained from the vote, which was ultimately approved by the Security Council. 'No one wants peace more than Ukraine, but the terms of that peace matter,' U.K. Ambassador to the U.N. Barbara Woodward said usually eager to hold forth at length about the least consequential topics, has had little of substance to say about U.S. positioning at the U.N. 'I would rather not explain it now, but it's sort of self-evident I think,' he told reporters when asked about his administration's opposition to the resolution condemning Russia. He's right: the vote speaks for itself. It says that Trump is not merely 'soft' on Russia — as he was sometimes during his first term, although often not nearly as much as Democrats thought he was — but rather that he now sees a decades-long adversary as a friend, or at least potential friend, of America. It says that the once airtight U.S.-European alliance is collapsing. It says that the U.S. is done with even pretending to care about sovereignty norms and human rights. And it says that the U.S. backs an every-man-for-himself ethos in a global order in which the strong rule the weak without apology or shame. This article was originally published on
Yahoo
20-02-2025
- Yahoo
Russian hackers target Signal accounts in growing espionage effort
Google's Threat Intelligence Group (GTIG) has identified a rise in Russian state-backed hacking attempts aimed at compromising Signal messenger accounts. These attacks primarily target individuals of interest to Russia's intelligence services, including military personnel, government officials, journalists, and activists. While these efforts are currently tied to Russia's war in Ukraine, experts warn that similar tactics may soon be adopted by other threat actors worldwide. The broader concern extends beyond Signal, as Russian-aligned groups have also been observed targeting messaging platforms like WhatsApp and Telegram using comparable methods, according to the group's latest report published on Feb. 19. Experts warn that these attacks signal a growing global trend in cyber espionage, where governments and hacking groups are increasingly seeking to infiltrate secure messaging apps. The primary technique used in these attacks involves exploiting Signal's "linked devices" feature, which allows users to connect additional devices to their accounts. Hackers have crafted malicious QR codes that, when scanned, link a victim's Signal account to a hacker-controlled device. Read also: US, UK, Australia sanction Russian cyber firm Zservers over ransomware attacks This enables them to intercept messages in real-time without needing direct access to the victim's phone. Phishing campaigns distributing these malicious QR codes have been disguised as legitimate Signal security alerts, group invitations, or even official device-pairing instructions from the Signal website. In some cases, hackers have embedded these QR codes within fake applications designed to mimic software used by the Ukrainian military. Beyond remote phishing, Russian cyber operatives have also deployed this tactic in battlefield scenarios. The group APT44—also known as Sandworm, a unit linked to Russia's military intelligence agency (GRU)—has reportedly used the method on captured devices. Soldiers' Signal accounts are being linked to Russian-controlled infrastructure, allowing continued surveillance of sensitive conversations. This approach is difficult to detect because Signal does not have a centralized system for flagging new linked devices, meaning a successful breach could remain unnoticed for an extended period. Signal, in collaboration with Google, has since strengthened its security measures to counter these phishing attempts. The latest updates for both Android and iOS include enhanced protections designed to prevent unauthorized device linking. Users are urged to update their apps to the newest version and remain cautious of suspicious QR codes or unexpected device-linking requests. Read also: Ukrainian defense tech company Huless raises over $1 million for tethered drone systems We've been working hard to bring you independent, locally-sourced news from Ukraine. Consider supporting the Kyiv Independent.
