| SYMBOL | COMMON_NAME | aka. SYNONYMS |
Operation ForumTroll is a sophisticated cyber espionage campaign discovered by Kaspersky in mid-March 2025. The attack exploited a zero-day vulnerability in Google Chrome, identified as CVE-2025-2783, which allowed attackers to bypass the browser's security features. Victims were infected by clicking on personalized phishing links in emails, allegedly from the organizers of the "Primakov Readings" forum, targeting media outlets, educational institutions, and government organizations in Russia. The goal of the attack appears to be espionage, and the campaign is believed to be the work of a state-sponsored APT group. Google quickly released an update to fix the vulnerability after being notified by Kaspersky.
There are currently no families associated with this actor.
| 2025-03-25
⋅
Kaspersky Labs
⋅
Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain Operation ForumTroll |