| SYMBOL | COMMON_NAME | aka. SYNONYMS |
The Callisto Group is an advanced threat actor whose known targets include military personnel, government officials, think tanks, and journalists in Europe and the South Caucasus. Their primary interest appears to be gathering intelligence related to foreign and security policy in the Eastern Europe and South Caucasus regions.
| 2025-05-07
⋅
Google
⋅
COLDRIVER Using New Malware To Steal Documents From Western Targets and NGOs LOSTKEYS |
| 2024-10-03
⋅
Microsoft
⋅
Protecting Democratic Institutions from Cyber Threats Callisto |
| 2024-10-03
⋅
US Department of Justice
⋅
Justice Department Disrupts Russian Intelligence Spear-Phishing Efforts Callisto |
| 2024-10-03
⋅
US Court for the District of Columbia
⋅
Civil Action No. 1:24-cv-02719-RC: Microsoft vs. Star Blizzard Callisto |
| 2024-10-03
⋅
CitizenLab
⋅
Disrupting COLDRIVER: U.S. court orders seizure of domains used in Russian cyberattacks Callisto |
| 2024-09-19
⋅
PWC
⋅
COLDWASTREL of space Callisto |
| 2024-08-14
⋅
CitizenLab
⋅
Rivers of Phish: Sophisticated Phishing Targets Russia’s Perceived Enemies Around the Globe Callisto |
| 2024-06-26
⋅
edeca.net
⋅
An interesting Callisto YARA rule Callisto |
| 2024-06-05
⋅
Mandiant
⋅
Phishing for Gold: Cyber Threats Facing the 2024 Paris Olympics Callisto |
| 2024-04-25
⋅
Mandiant
⋅
Poll Vaulting: Cyber Threats to Global Elections Callisto |
| 2024-01-18
⋅
Google
⋅
Russian threat group COLDRIVER expands its targeting of Western officials to include the use of malware RCS SPICA Callisto |
| 2023-12-13
⋅
Sekoia
⋅
CALISTO doxxing: Sekoia.io findings concurs to Reuters’ investigation on FSB-related Andrey Korinets Callisto |
| 2023-12-07
⋅
GOV.UK
⋅
UK exposes attempted Russian cyber interference in politics and democratic processes Callisto |
| 2023-12-07
⋅
Microsoft
⋅
Star Blizzard increases sophistication and evasion in ongoing attacks Callisto |
| 2023-12-07
⋅
Department of Justice
⋅
Two Russian Nationals Working with Russia’s Federal Security Service Charged with Global Computer Intrusion Campaign Callisto |
| 2023-12-06
⋅
NCSC UK
⋅
Russian FSB cyber actor Star Blizzard continues worldwide spear-phishing campaigns: Updated and new research, updated vulnerabilities, security updates and revised actors. Callisto |
| 2023-12-05
⋅
US District Court Northern District of California San Francisco
⋅
CR23-00447CRB: United States of America vs RUSLAN ALEKSANDROVICH PERETYATKO and ANDREY STANISLAVOVICH KORINETS Callisto |
| 2023-08-03
⋅
DARKReading
⋅
Russian APT 'BlueCharlie' Swaps Infrastructure to Evade Detection Callisto |
| 2023-08-02
⋅
Recorded Future
⋅
BlueCharlie, Previously Tracked as TAG-53, Continues to Deploy New Infrastructure in 2023 Callisto |
| 2023-02-21
⋅
Sekoia
⋅
One Year After: The Cyber Implications of the Russo-Ukrainian War Callisto |
| 2023-02-15
⋅
Google
⋅
Fog of War: How the Ukraine Conflict Transformed the Cyber Threat Landscape CaddyWiper Dharma HermeticWiper INDUSTROYER2 PartyTicket WhisperGate Callisto Curious Gorge MUSTANG PANDA Turla |
| 2022-12-05
⋅
Recorded Future
⋅
Exposing TAG-53’s Credential Harvesting Infrastructure Used for Russia-Aligned Espionage Operations Callisto |
| 2022-12-05
⋅
PWC
⋅
Blue Callisto orbits around US Laboratories in 2022 Callisto |
| 2022-12-05
⋅
Sekoia
⋅
Calisto show interests into entities involved in Ukraine war support Callisto |
| 2022-08-15
⋅
Microsoft
⋅
Disrupting SEABORGIUM’s ongoing phishing operations Callisto |
| 2022-07-22
⋅
Sekoia
⋅
CALISTO continues its credential harvesting campaign Callisto |
| 2022-07-19
⋅
Google
⋅
Continued cyber activity in Eastern Europe observed by TAG CyberAzov APT28 Callisto Ghostwriter Sandworm Turla |
| 2022-05-03
⋅
Google
⋅
Update on cyber activity in Eastern Europe Callisto |
| 2022-03-30
⋅
Google
⋅
Tracking cyber activity in Eastern Europe Callisto Curious Gorge |
| 2017-04-13
⋅
F-Secure
⋅
Callisto Group Callisto |
| 2017-04-01
⋅
F-Secure
⋅
CALLISTO GROUP RCS Callisto |