In short, “Cold River” is a sophisticated threat (actor) that utilizes DNS subdomain hijacking, certificate spoofing, and covert tunneled command and ...

Threat Actor Profile

Cold River

Real-Time Alerts

Actor Overview

Related Threat Reports

Premium
APT Campaign Analysis - Q4 2025Dec 2025
New Tactics Observed in WildDec 2025
Infrastructure Mapping ReportDec 2025
Stay Updated

Get alerts when new intel on Cold River is published.

Actor Details

Primary Name
Cold River
Known Aliases
Nahr Elbard, Nahr el bared
Data Source
Precursor Intelligence
Need API Access?

Integrate threat actor data into your SIEM or SOAR.

View Plans →