Security News > 2020 > October > US shares info on Russian malware used to target parliaments, embassies
US Cyber Command today shared information on malware implants used by Russian hacking groups in attacks targeting multiple ministries of foreign affairs, national parliaments, and embassies.
The malware samples were identified by US Cyber Command's Cyber National Mission Force unit and the Cybersecurity and Infrastructure Security Agency and uploaded today to the Virus Total online virus scan platform.
CISA also published two advisories in collaboration with the FBI and CNMF detailing additional info regarding the ComRAT and Zebrocy malware used by the Russian state-sponsored Turla and APT 28 hacking groups in these attacks.
The Turla group known for being active since 1996 in attacks targeting the U.S. Central Command, the Pentagon and NASA, also used the ComRAT backdoor in attacks against "Ministries of foreign affairs & national parliaments to spy, steal data, & install malware."
US Cyber Commands previously exposed new malware variants deployed by malicious cyber activity campaigns coordinated by North Korean government-backed hackers.
News URL
Related news
- Russian Hackers Using Fake Brand Sites to Spread DanaBot and StealC Malware (source)
- New Tickler malware used to backdoor US govt, defense orgs (source)
- New Tickler malware used to backdoor US govt, defense orgs (source)
- US cracks down on Russian disinformation before 2024 election (source)
- US proposes ban on Chinese, Russian connected car tech over security fears (source)
- US sanctions crypto exchanges used by Russian ransomware gangs (source)
- New HTML Smuggling Campaign Delivers DCRat Malware to Russian-Speaking Users (source)