Security News > 2020 > October > Russian Espionage Group Updates Custom Malware Suite
![Russian Espionage Group Updates Custom Malware Suite](/static/build/img/news/russian-espionage-group-updates-custom-malware-suite.jpg)
The advanced persistent threat known as Turla is targeting government organizations using custom malware, including an updated trio of implants that give the group persistence through overlapping backdoor access.
Russia-tied Turla is a cyber-espionage group that's been around for more than a decade.
Accenture has tied it to the group for the first time, thanks to its use alongside the other two tools seen in the campaign: Known Turla second-stage remote-access trojans, Kazuar and Carbon.
"Based on these similarities, we assess with high confidence that HyperStack is a custom Turla backdoor."
"The threat group will likely continue to maintain and rely on this ecosystem, and iterations of it, as long as the group targets Windows-based networks."
News URL
https://threatpost.com/russian-espionage-custom-malware/160673/
Related news
- Russian hackers use new Lunar malware to breach a European govt's agencies (source)
- Russian Hackers Target Europe with HeadLace Malware and Credential Harvesting (source)
- Chinese attackers leverage previously unseen malware for espionage (source)
- Arid Viper Launches Mobile Espionage Campaign with AridSpy Malware (source)