New Russia-affiliated actor Void Blizzard targets critical sectors for espionage
Void Blizzard, a newly identified Russia-affiliated threat actor, has been conducting global cyberespionage operations since April 2024. Their primary targets are organizations in critical sectors, particularly in NATO member states and Ukraine, including government, defense, transportation, media, NGOs, and healthcare. The group employs tactics such as using stolen credentials, likely obtained from commodity infostealer ecosystems, and recently evolved to include targeted spear phishing for credential theft. Despite using unsophisticated techniques, Void Blizzard has been effective in gaining access and collecting large volumes of emails and files from compromised organizations. Their activities pose a significant risk to NATO member states and allies of Ukraine.
Pulse ID: 6835955789329a0d9f2f521c
Pulse Link: https://otx.alienvault.com/pulse/6835955789329a0d9f2f521c
Pulse Author: AlienVault
Created: 2025-05-27 10:35:03
Be advised, this data is unverified and should be considered preliminary. Always do further verification.