• About Us
  • Careers
  • Contact
No Result
View All Result
Tuesday, August 5, 2025
DeFi Planet
  • News
    • People
    • Business
    • Crime
    • Regulation
    • Crypto
    • CBDC
  • Markets
    • Bitcoin
    • Ethereum
    • Stablecoins
    • Altcoins
    • Crypto ETFs
    • Memecoins
  • Policy
  • Articles
    • Press Releases
    • Opinion
    • Explainers
    • Guest Post
    • Sponsored
  • Directory
    • Companies
    • People
    • Products
    • Wallets
  • Multimedia
    • Videos
    • Podcasts
  • Learn
    • DeFi Basics
    • Tutorials
    • Reviews
    • Blockchain Fundamentals
  • Research
    • Case Studies
  • Explore
    • DeFi
    • Crypto Gaming
    • NFT
    • DAO
    • Metaverses
    • Glossary
  • Jobs
  • Markets Pro
    • DeFi Planet Pro
    • Spend Crypto
    • Swap Crypto
    • Coin Prices
    • Crypto Exchanges
    • Crypto Analyzer
  • News
    • People
    • Business
    • Crime
    • Regulation
    • Crypto
    • CBDC
  • Markets
    • Bitcoin
    • Ethereum
    • Stablecoins
    • Altcoins
    • Crypto ETFs
    • Memecoins
  • Policy
  • Articles
    • Press Releases
    • Opinion
    • Explainers
    • Guest Post
    • Sponsored
  • Directory
    • Companies
    • People
    • Products
    • Wallets
  • Multimedia
    • Videos
    • Podcasts
  • Learn
    • DeFi Basics
    • Tutorials
    • Reviews
    • Blockchain Fundamentals
  • Research
    • Case Studies
  • Explore
    • DeFi
    • Crypto Gaming
    • NFT
    • DAO
    • Metaverses
    • Glossary
  • Jobs
  • Markets Pro
    • DeFi Planet Pro
    • Spend Crypto
    • Swap Crypto
    • Coin Prices
    • Crypto Exchanges
    • Crypto Analyzer
No Result
View All Result
DeFi Planet
No Result
View All Result
Home News Crypto

Google Uncovers New Malware ‘LOSTKEYS’ Used by Russian-Backed COLDRIVER Group in Sophisticated Attacks

8 May 2025
in Crypto, News
Reading Time: 3 mins read
103 6
Google Uncovers New Malware 'LOSTKEYS' Used by Russian-Backed COLDRIVER Group in Sophisticated Attacks

Source: WIRED

Russian-backed cyber-espionage group COLDRIVER has ramped up its tactics with the deployment of a new malware strain known as LOSTKEYS, targeting high-profile Western individuals and organizations, according to a new report from Google Threat Intelligence.

The threat actor, previously known for its credential phishing operations, is now adopting more advanced techniques to steal sensitive documents. The LOSTKEYS malware operates through a multi-stage infection chain, beginning with a deceptive lure website that mimics CAPTCHA verification. Once a victim interacts with the site, a malicious PowerShell script is stealthily copied to their clipboard. From there, the script executes a series of evasion techniques before downloading the final payload — the LOSTKEYS malware.

Once installed, LOSTKEYS can extract files from specific directories and extensions. It also gathers detailed system information and monitors active processes, transmitting this data back to COLDRIVER. Google identified the IP address associated with the malware’s infrastructure as “165.227.148[.]68.”

Google says it has blocked malicious domains via its Safe Browsing system to limit potential fallout.

COLDRIVER’s targeting profile includes Western diplomats, journalists, and policy experts. This marks a significant evolution for the group, which began in 2024 by deploying another malware variant, Spica, capable of executing shell commands and handling data transfers.

The discovery of LOSTKEYS comes amid a broader surge in cyberattacks. According to a separate report by cybersecurity firm Hacken, cryptocurrency-related hacks have already inflicted over $2 billion in losses in Q1 2025, surpassing all of 2024’s totals.

Hacken attributes the spike in attacks to ongoing operational security and access control lapses, even among leading centralized and decentralized platforms. Social engineering, too, has become a favoured tactic among attackers seeking to manipulate and exploit their targets.

The bulk of these losses stem from a massive breach: the $1.5 billion hack of Bybit in February, widely believed to be the work of the North Korea-linked Lazarus Group.

 

If you want to read more news articles like this, visit DeFi Planet and follow us on Twitter, LinkedIn, Facebook, Instagram, and CoinMarketCap Community.

“Take control of your crypto portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”

Don't miss out!

Subscribe To Our Newsletter

Receive top education news, lesson ideas, teaching tips and more!
Invalid email address
Give it a try. You can unsubscribe at any time.
Thanks for subscribing!
Tags: COLDRIVERGoogle
Share63Tweet40Share11
Favour Okosodo

Favour Okosodo

Experienced web content writer with a strong command of SEO, specializing in creating concise, engaging content that drives traffic and enhances conversions across diverse industries.

Related Posts

ECB Affirms Cash Will Remain Vital Despite Rising Digital Payments
Regulation

ECB Affirms Cash Will Remain Vital Despite Rising Digital Payments

4 August 2025
Qatar Advocates for Global Tokenization to Transform International Financial Systems
Blockchain

Qatar Advocates for Global Tokenization to Transform International Financial Systems

4 August 2025
South Korean Banks Race to Launch Digital Asset Services Ahead of Stricter Crypto Regulations
Crypto

South Korean Banks Race to Launch Digital Asset Services Ahead of Stricter Crypto Regulations

4 August 2025
Metaplanet Boosts Bitcoin Treasury to 17,595 BTC
Bitcoin

Metaplanet Boosts Bitcoin Treasury to 17,595 BTC

4 August 2025

Featured Posts

Web3 in 2025: Where We Are, What’s Next, and What the Data Says

Web3 in 2025: Where We Are, What’s Next, and What the Data Says

byOlayinka Sodiq
21 July 2025
0

Which Pays Better Right Now: DeFi’s High-Yield Pairs or Traditional Finance’s Cash Vehicles?

Which Pays Better Right Now: DeFi’s High-Yield Pairs or Traditional Finance’s Cash Vehicles?

byOlayinka Sodiq
6 July 2025
0

The Future of Crypto Could Be Institutional—And That’s Not a Bad Thing

The Future of Crypto Could Be Institutional—And That’s Not a Bad Thing

byOlajumoke Oyaleke
30 June 2025
0

What Is a Rebase Token and How Does It Work?

What Is a Rebase Token and How Does It Work?

byOlajumoke Oyaleke
28 June 2025
0

Smart Contracts on Ethereum, Solana, vs. Other Blockchains

Smart Contracts on Ethereum, Solana, vs. Other Blockchains

byOlajumoke Oyaleke
26 June 2025
0

Read More

Chain of Thoughts

What Happens When AI Gets a Wallet?

What Happens When AI Gets a Wallet?

byOlu Omoyele
31 July 2025
0

...

The Game-changing Triumvirate: Blockchain, Data Science, and Artificial Intelligence

The Game-changing Triumvirate: Blockchain, Data Science, and Artificial Intelligence

byOlu Omoyele
30 June 2025
0

...

Are Stablecoins Bank Deposits?

Are Stablecoins Bank Deposits?

byOlu Omoyele
31 May 2025
0

...

DAOs and the Coordination of Human Endeavour

DAOs and The Coordination of Human Endeavour

byOlu Omoyele
27 April 2025
0

...

Markets Update

US Ether ETFs Turn One: What $16.6B in Assets and Bullish Inflows Signal for the Future

2 days ago

Is ETH Restaking Driving Efficiency or Introducing a Dangerous Complexity?

3 days ago

Your Weekend Crypto Roundup | August 2025 (Week 1)

3 days ago

Meta’s $72 Billion AI Investment: A Strategic Shift from the Metaverse to Artificial Intelligence

4 days ago

Is Web3 Finally Solving Its Risk Problem? A Market Review of DeFi Insurance Models

6 days ago

How Coinshift Is Progressing the Stablecoin Space

6 days ago
Read More

Events

Rare Evo 2025
Rare Evo 2025
6 Aug 25
Las Vegas
CBDC Conference
CBDC Conference
9 Sep 25
Nassau

Spotlight

All about Ethereum
All about Algorand
All about Bitcoin
All about Gora

Press Releases

Bybit Expands USDT0 Support to HyperEVM, Corn, and Berachain — Unlocking Seamless Stablecoin Access Across Ecosystems

bychainwire
4 August 2025
0

Apu Is Now Live for Trading on Hyperliquid

bychainwire
4 August 2025
0

Bybit’s Ben Zhou Invites Community to Rewrite Their Own Success in Mid-Year Keynote Livestream

bychainwire
4 August 2025
0

Josip Heit and Apertum Secure Legal Victory Over Texas Securities Board (TSSB), Fueling the Next Evolution in DeFi

Josip Heit and Apertum Secure Legal Victory Over Texas Securities Board (TSSB), Fueling the Next Evolution in DeFi

byGuest Author
1 August 2025
0

Hamieverse Taps Abstract to Power Its Debut Blockchain Game and Purpose-Driven Ecosystem

bychainwire
1 August 2025
0

Read More

ADVERTISING

ABOUT

TEAM

CAREERS

CONTACT

TERMS & CONDITIONS

PRIVACY POLICY

© Copyright 2025 DeFi Planet

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Please enter and activate your license key for Cryptocurrency Widgets PRO plugin for unrestricted and full access of all premium features.

Add New Playlist

No Result
View All Result
  • News
    • People
    • Business
    • Crime
    • Regulation
    • Crypto
    • CBDC
  • Markets
    • Bitcoin
    • Ethereum
    • Stablecoins
    • Altcoins
    • Crypto ETFs
    • Memecoins
  • Policy
  • Articles
    • Press Releases
    • Opinion
    • Explainers
    • Guest Post
    • Sponsored
  • Directory
    • Companies
    • People
    • Products
    • Wallets
  • Multimedia
    • Videos
    • Podcasts
  • Learn
    • DeFi Basics
    • Tutorials
    • Reviews
    • Blockchain Fundamentals
  • Research
    • Case Studies
  • Explore
    • DeFi
    • Crypto Gaming
    • NFT
    • DAO
    • Metaverses
    • Glossary
  • Jobs
  • Markets Pro
    • DeFi Planet Pro
    • Spend Crypto
    • Swap Crypto
    • Coin Prices
    • Crypto Exchanges
    • Crypto Analyzer

© Copyright 2024 DeFi Planet   |   Terms & Conditions   |   Privacy Policy

-
00:00
00:00

Queue

Update Required Flash plugin
-
00:00
00:00