Breach, Threat Intelligence

Free Russia Foundation breach under probe

Russia flag is depicted on the screen with the program code. The concept of modern technology and site development.

U.S.-based nonprofit and nongovernmental advocacy organization Free Russia Foundation has launched an investigation into a breach of its systems after the leak of allegedly stolen files through a Telegram channel earlier this month, according to The Record, a news site by cybersecurity firm Recorded Future.

Russian state-sponsored threat group Coldriver has been suspected by the Free Russia Foundation of being behind the intrusion, which involved the targeting of several entities to exfiltrate internal documents, grant reports, and other correspondences in retaliation against pro-democracy Russians. Over 13 GB of electronic documents and more than 2,500 email chains, including strategic planning files, accounting, and management data were claimed by threat actors to have been exfiltrated from the nonprofit, with the legitimacy of the exposed files confirmed by unnamed former employees. Such a development comes weeks after Coldriver and fellow Russian state-backed threat operation Coldwastrel were reported by Access Now and Citizen Lab to have mounted attacks against independent media, human rights entities, and civil society members across the U.S. and Eastern Europe.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds