phishing
RussiaThe Hacker News
RussiaThe Hacker NewsNew ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails
Wednesday, December 17, 2025
What
A threat actor executed sophisticated phishing attacks against individuals in Russia, exploiting a zero-day vulnerability in Google Chrome to deliver the LeetAgent backdoor and a spyware implant known as Dante.
Where
Russia, targeting major universities and research institutions
When
Detected in October 2025, with ongoing activities since at least 2022
Key Factors
- •Exploitation of a zero-day vulnerability in Google Chrome (CVE-2025-2783)
- •Use of a strategically aged domain to avoid detection
- •Personalized phishing emails targeting specific professionals
Takeaways
- →Organizations should enhance their email filtering and user awareness training to combat phishing threats.
- →The use of zero-day vulnerabilities highlights the need for timely software updates and patch management.
- →Implementing multi-factor authentication can help mitigate the risks associated with credential theft.
Read Full Article
Opens original article on The Hacker News
