Security News > 2020 > October > Russian Espionage Group Updates Custom Malware Suite
The advanced persistent threat known as Turla is targeting government organizations using custom malware, including an updated trio of implants that give the group persistence through overlapping backdoor access.
Russia-tied Turla is a cyber-espionage group that's been around for more than a decade.
Accenture has tied it to the group for the first time, thanks to its use alongside the other two tools seen in the campaign: Known Turla second-stage remote-access trojans, Kazuar and Carbon.
"Based on these similarities, we assess with high confidence that HyperStack is a custom Turla backdoor."
"The threat group will likely continue to maintain and rely on this ecosystem, and iterations of it, as long as the group targets Windows-based networks."
News URL
https://threatpost.com/russian-espionage-custom-malware/160673/
Related news
- Three Russian-German Nationals Charged with Espionage for Russian Secret Service (source)
- RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns (source)
- Russia-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware (source)
- GamaCopy Mimics Gamaredon Tactics in Cyber Espionage Targeting Russian Entities (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)