Security News > 2020 > October > Russian Espionage Group Updates Custom Malware Suite
The advanced persistent threat known as Turla is targeting government organizations using custom malware, including an updated trio of implants that give the group persistence through overlapping backdoor access.
Russia-tied Turla is a cyber-espionage group that's been around for more than a decade.
Accenture has tied it to the group for the first time, thanks to its use alongside the other two tools seen in the campaign: Known Turla second-stage remote-access trojans, Kazuar and Carbon.
"Based on these similarities, we assess with high confidence that HyperStack is a custom Turla backdoor."
"The threat group will likely continue to maintain and rely on this ecosystem, and iterations of it, as long as the group targets Windows-based networks."
News URL
https://threatpost.com/russian-espionage-custom-malware/160673/
Related news
- Russian hackers use new Lunar malware to breach a European govt's agencies (source)
- Russian Hackers Target Europe with HeadLace Malware and Credential Harvesting (source)
- Chinese attackers leverage previously unseen malware for espionage (source)
- Arid Viper Launches Mobile Espionage Campaign with AridSpy Malware (source)