Russia-linked threat actors continue targeting civil society with sophisticated social engineering campaigns and lightweight malware tools in September 2025. The campaign delivers two previously undocumented malware families: a downloader dubbed BAITSWITCH and a PowerShell-based backdoor named SIMPLEFIX. COLDRIVER, also tracked as Star Blizzard, Callisto, and UNC4057, has historically focused on credential phishing campaigns against NGOs, think tanks, journalists, […] The post COLDRIVER APT Group Uses ClickFix to Deliver New PowerShell-Based Backdoor BAITSWITCH appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/coldriver-apt-group/
