Security News > 2020 > October > Russian Espionage Group Updates Custom Malware Suite
The advanced persistent threat known as Turla is targeting government organizations using custom malware, including an updated trio of implants that give the group persistence through overlapping backdoor access.
Russia-tied Turla is a cyber-espionage group that's been around for more than a decade.
Accenture has tied it to the group for the first time, thanks to its use alongside the other two tools seen in the campaign: Known Turla second-stage remote-access trojans, Kazuar and Carbon.
"Based on these similarities, we assess with high confidence that HyperStack is a custom Turla backdoor."
"The threat group will likely continue to maintain and rely on this ecosystem, and iterations of it, as long as the group targets Windows-based networks."
News URL
https://threatpost.com/russian-espionage-custom-malware/160673/
Related news
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- Space Pirates Targets Russian IT Firms With New LuckyStrike Agent Malware (source)
- YouTube Game Cheats Spread Arcane Stealer Malware to Russian-Speaking Users (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)