Report: 'Callisto' cyberespionage targeting Eastern Europe

Report: 'Callisto' cyberespionage targeting Eastern Europe

A cybersecurity firm announced its purported discovery of an espionage group using publicly available tools to surveil Eastern European and South Caucasus targets. 

The firm F-Secure claims it has seen attacks from the group it is calling Callisto since 2015. 

Callisto, says F-Secure's report, largely uses spearfishing emails to implant the commercial Scout malware written by the Italian military contractor Hacking Team. The group, speculates F-Secure, likely is not a client of Hacking Team. Rather, it re-appropriated the source code of Scout from dumped documents after the contractor was hacked in 2015.

Targets of the group include government, military, think tanks and journalism personnel with insight to "foreign and security policy."

The group has been using Scout since 2016. Throughout 2015, it used spearfishing to steal credentials from the same targets. 

F-Secure does not believe it has accumulated enough data to attribute the attack to a specific country.