Star Blizzard
Aliases: SEABORGIUM, Callisto Group, TA446, COLDRIVER
Star Blizzard is a cyber espionage and influence group originating in Russia that has been active since at least 2019. Star Blizzard campaigns align closely with Russian state interests and have included persistent phishing and credential theft against academic, defense, government, NGO, and think tank organizations in NATO countries, particularly the US and the UK.
ATT&CK techniques
T1583.001 Domains
T1114.002 Remote Email Collection
T1550.004 Web Session Cookie
T1204.002 Malicious File
T1608.001 Upload Malware
T1539 Steal Web Session Cookie
T1589 Gather Victim Identity Information
T1585.002 Email Accounts
T1566.001 Spearphishing Attachment
T1598.002 Spearphishing Attachment
T1598.003 Spearphishing Link
T1588.002 Tool
T1583 Acquire Infrastructure
T1114.003 Email Forwarding Rule
T1585.001 Social Media Accounts
T1078 Valid Accounts
T1586.002 Email Accounts
T1059.007 JavaScript
T1593 Search Open Websites/Domains