Russian BlueDelta (Fancy Bear) Uses PDFs to Steal Logins in...

Description

New research from Recorded Future reveals how Russian state hackers (BlueDelta) are using fake Microsoft and Google login portals to steal credentials. The campaign involves using legitimate PDF lures from GRC and EcoClimate to trick victims.

Visit Original Source

Basic Information

ID HACKREAD:D596E221F0256D83CEB0B17C915E473A

Published Jan 12, 2026 at 22:14

{
    "lastseen": "2026-01-13T00:05:08",
    "description": "New research from Recorded Future reveals how Russian state hackers (BlueDelta) are using fake Microsoft and Google login portals to steal credentials. The campaign involves using legitimate PDF lures from GRC and EcoClimate to trick victims.",
    "published": "2026-01-12T22:14:03",
    "modified": "2026-01-12T22:14:03",
    "type": "hackread",
    "title": "Russian BlueDelta (Fancy Bear) Uses PDFs to Steal Logins in Just 2 Seconds",
    "source": "",
    "references": "",
    "id": "HACKREAD:D596E221F0256D83CEB0B17C915E473A",
    "bulletinFamily": "blog",
    "cwe": null,
    "cvelist": [],
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 0,
        "severity": "NONE",
        "vector": "NONE",
        "version": "NONE"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "https://hackread.com/russian-bluedelta-fancy-bear-pdfs-steal-login/",
    "category_name": "News",
    "post_link": "",
    "product": "",
    "version": "",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Russian BlueDelta (Fancy Bear) Uses PDFs to Steal Logins in Just 2 Seconds_HACKREAD:D596E221F0256D83CEB0B17C915E473A

Description

Basic Information

💭 Join the Security Discussion ❌ Cancel Reply