Cold River

Also known as: Nahr Elbard · Nahr el bared · Cold River

Profile

In short, “Cold River” is a sophisticated threat (actor) that utilizes DNS subdomain hijacking, certificate spoofing, and covert tunneled command and control traffic in combination with complex and convincing lure documents and custom implants.

References

  1. https://www.lastline.com/labsblog/threat-actor-cold-river-network-traffic-analysis-and-a-deep-dive-on-agent-drable/

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor: DarkHotel
Software: COLDCAT
Actor: Corsair Jackal
Actor: DriftingCloud
Actor: Volatile Cedar
Actor: Winter Vivern

Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.