Russian COLDRIVER Hackers Expand Beyond Phishing with Custom Malware

The Russia-linked threat actor known as COLDRIVER has been observed evolving its tradecraft to go beyond credential harvesting to deliver its first-ever custom malware written in the Rust programming language.
Google's Threat Analysis Group (TAG), which shared details of the latest activity, said the attack chains leverage PDFs as decoy documents to trigger the infection sequence. The lures are

actor analysis attack attack chains beyond coldriver credential credential harvesting decoy documents google hackers language latest malware pdfs phishing programming programming language russia russian rust rust programming tag threat threat actor threat analysis threat analysis group written