Russian Cyber Espionage Group ColdRiver Uses LostKeys Malware in Recent Attacks

Since early 2025, the Russian cyber espionage group ColdRiver, also known as Seaborgium, Callisto, Star Blizzard, and TA446, has been using the malware LostKeys to steal files and gather system information in attacks against Western governments and organizations. Google's Threat Intelligence Group discovered this new malware being used by ColdRiver in these recent attacks.