Faith-Based Daily Awareness Post

Faith-Based Daily Awareness Post 8 May 2025

Faith-Based Security Headlines

These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters. 

COLDRIVER Using New Malware To Steal Documents From Western Targets and NGOs

Google’s Threat Intelligence Group (GTIG) has identified a new malware strain named LOSTKEYS, attributed to the Russian-backed cyber espionage group COLDRIVER (also known as UNC4057, Star Blizzard, or Callisto). This malware represents a significant evolution in COLDRIVER’s toolkit, enabling the theft of specific file types and directories along with the exfiltration of system information and active processes from compromised devices.

COLDRIVER has a history of targeting high-profile individuals and organizations, including NATO affiliates, non-governmental organizations (NGOs), journalists, and former intelligence and diplomatic personnel. Their operations are primarily aimed at intelligence collection to support Russian strategic interests. Recent campaigns observed in early 2025 have continued to target individuals connected to Ukraine as well as advisors to Western governments and military entities.

The infection chain for LOSTKEYS begins with a deceptive website presenting a fake CAPTCHA. Upon user interaction, malicious PowerShell scripts are executed, leading to the download and activation of the LOSTKEYS malware. This method of delivery is part of a broader strategy known as “ClickFix,” where attackers manipulate users into executing harmful commands.

To mitigate risks associated with such threats, Google recommends that at-risk users enroll in the Advanced Protection Program, enable Enhanced Safe Browsing in Chrome, and ensure all devices are regularly updated.

Related article: Google identifies new malware linked to Russia-based hacking group

Analyst Comments: COLDRIVER’s ongoing efforts to target high-profile Western organizations, NGOs, and individuals suggest that their activities are driven by geopolitical goals, particularly the advancement of Russian interests. The consistent targeting of those connected to Ukraine and Western military and intelligence sectors highlights the group’s role in state-sponsored cyber espionage, likely aimed at intelligence gathering and strategic disruption. The recommendation to enroll in Google’s Advanced Protection Program and to enable Enhanced Safe Browsing reflects best practices for mitigating the risks of targeted cyberattacks. Such measures should be encouraged for individuals and organizations in high-risk areas to reduce exposure to sophisticated cyber threats like COLDRIVER’s.

New York Man Charged with Federal Hate Crimes After Repeatedly Assaulting Jewish Victims

On May 8, 2025, an indictment was unsealed in the Southern District of New York charging Tarek Bazrouk, 20, of New York City, with three federal hate crimes for assaulting Jewish individuals at pro-Israel protests between April 2024 and January 2025. Each assault occurred at a protest related to the Israel/Gaza war, where the victims were visibly Jewish, wearing kippahs, Israeli flags, or other symbols of Jewish identity.

Despite being arrested after the first two incidents, Bazrouk allegedly continued his pattern of targeted antisemitic violence, culminating in a third assault in January 2025. A search of Bazrouk’s phone revealed numerous antisemitic messages and propaganda supporting terrorist groups like Hamas and Hezbollah, including self-identification as a “Jew hater” and glorification of anti-Jewish violence.

If convicted, Bazrouk faces up to 30 years in federal prison (10 years per count). The case is being prosecuted by the DOJ Civil Rights Division and the U.S. Attorney’s Office for the Southern District of New York.

Analyst Comments: The repeated targeting of Jewish individuals at public protests has deep emotional and psychological consequences for the broader Jewish community, particularly students. Such assaults reinforce fears about identity expression and communal safety in public spaces. Jewish organizations, especially on college campuses, are likely to call for increased security, clear policy enforcement, and strong statements of support. This case may prompt schools, law enforcement, and civic leaders to reassess how they protect Jewish students at public events.

80 Years After WWII, Seven Largest Jewish Communities Report Unprecedented Global Antisemitism

The J7 Task Force Against Antisemitism, representing the seven largest Jewish diaspora communities (Argentina, Australia, Canada, France, Germany, the UK, and the US), released its first Annual Report on Antisemitism, documenting a dramatic and unprecedented surge in antisemitic incidents globally, especially following the October 7, 2023 terrorist attacks in Israel.

Key Highlights:

  • Australia saw the largest spike with a 317% increase in antisemitic incidents in 2024.
  • Germany had over 38 antisemitic incidents per 1,000 Jewish residents, the highest per capita.
  • Other countries reported continuing or historic highs, including the US (5% rise), with Canada, France, and the UK remaining at elevated levels.

Analyst Comments: The marked rise in antisemitic incidents across multiple global regions, especially in countries with substantial Jewish populations like Germany, the UK, and the US, reflects a deeply worrying trend of escalating violence. The data highlights that the level of hostility is no longer limited to isolated incidents but has reached a concerning pattern of systemic aggression and intimidation. Antisemitic violence has increasingly targeted institutions of Jewish life (schools, synagogues, and community centers), signaling that Jewish communities are under direct attack, not only ideologically but physically.

More Security-focused Content

Attacks on Houses of Worship in 2023
Access information on the FB-ISAO Threat Level
Access all-hazards resources from public and private sector partners, curated by the FB-ISAO team.

The FB-ISAO’s sponsor, Gate 15, publishes a daily newsletter called the SUN. Curated from their open source intelligence collection process, the SUN informs leaders and analysts with the critical news of the day and provides a holistic look at the current global, all-hazards threat environment. Ahead of the daily news cycle, the SUN provides current situational awareness of the topics that will impact your organization. To sign up for the SUN, send an email to [email protected]

Learn More About Gate 15’s Enhanced Intel Solutions
