Editorial & Advertiser disclosure

Global Banking & Finance Review® is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Headlines

Google identifies new malware linked to Russia-based hacking group

Published by Global Banking & Finance Review

Posted on May 7, 2025

2 min read

· Last updated: January 24, 2026

Add as preferred source on Google

Google identifies new malware linked to Russia-based hacking group

Global Banking & Finance Awards 2026 — Call for Entries

Google Discovers New Malware Linked to Russian Hackers

(Reuters) -Alphabet's Google said on Wednesday it has identified new malware called "LOSTKEYS" tied to the Russian-based hacking group Cold River, which is capable of stealing files and sending system information to attackers.

The malware "marks a new development in the toolset" of Cold River, Wesley Shields, a researcher with Google Threat Intelligence Group, said in a blog.

Cold River, a name used to track hacking campaigns previously linked to Russia's Federal Security Service, is primarily known for stealing login credentials for high-profile targets, including those within NATO governments, non-governmental organizations and former intelligence and diplomatic officers, Shields said in the blog. The central goal was intelligence collection in support of Russian strategic interests.

Recent targets, observed in January, March and April 2025, include current and former advisers to Western governments and militaries, as well as journalists, think tanks and NGOs, and unnamed individuals connected to Ukraine, according to the blog.

The Russian embassy in Washington did not immediately respond to a request for comment.

Past high-profile campaigns have included targeting three nuclear research laboratories in the U.S. in the summer of 2022, and the publishing of the private emails of former British spymaster Richard Dearlove, alongside pro-Brexit individuals, in an operation revealed in May 2022.

(Reporting by Deborah Sophia in Bengaluru and AJ Vicens in Detroit; Editing by Arun Koyyur and Emelia Sithole-Matarise)

Key Takeaways

Google identifies new malware 'LOSTKEYS' linked to Cold River.
Cold River is associated with Russia's Federal Security Service.
Targets include NATO, NGOs, and individuals linked to Ukraine.
Past campaigns targeted US nuclear labs and UK officials.
The malware aims to support Russian strategic interests.

Frequently Asked Questions

What is the main topic?

The article discusses Google's discovery of new malware 'LOSTKEYS' linked to the Russian hacking group Cold River.

What is Cold River known for?

Cold River is known for stealing login credentials and targeting high-profile entities like NATO and NGOs.

Who are the recent targets of Cold River?

Recent targets include advisers to Western governments, journalists, think tanks, and individuals connected to Ukraine.

Suspect in Washington dinner shooting charged with attempting to assassinate Trump

Russian court bans prominent gay rights group

Malta calls early election, with PM pledging stability amid Iran war

Analysis-Mali at risk of splintering after jihadi and separatist attacks

Exclusive-Bruised by Trump, NATO alliance considers end to annual summits

Five stand trial in Germany over attack on Israeli defence company office

More from Headlines

Explore more articles in the Headlines category

Britain's lifetime smoking ban set to become law

Putin pledges support for Iran in talks with Araqchi in Russia, says he wants peace soon

Russian superyacht crosses blockaded Strait of Hormuz

UK PM Starmer faces vote on possible parliamentary probe over Mandelson, Times newspaper reports

Explainer-Netanyahu's rivals are joining forces. Would they shift Israel's security policy?

Lithuania charges 14 people with attempted murders linked to Russia's GRU, police say

Palestinians use Gaza rubble to restore streets as US rebuilding plan stalls

Merz suggests Ukraine may have to accept territorial loss to help pave way for EU membership

Russia's Africa Corps confirms withdrawal from Mali's Kidal

Russia summons German envoy over lawmaker's meeting with Chechen exile

Archaeologists use AI to generate image of Pompeii victim

Pope and first female Archbishop of Canterbury meet and pray together

View All Headlines Posts