Security News > 2020 > October > US shares info on Russian malware used to target parliaments, embassies
US Cyber Command today shared information on malware implants used by Russian hacking groups in attacks targeting multiple ministries of foreign affairs, national parliaments, and embassies.
The malware samples were identified by US Cyber Command's Cyber National Mission Force unit and the Cybersecurity and Infrastructure Security Agency and uploaded today to the Virus Total online virus scan platform.
CISA also published two advisories in collaboration with the FBI and CNMF detailing additional info regarding the ComRAT and Zebrocy malware used by the Russian state-sponsored Turla and APT 28 hacking groups in these attacks.
The Turla group known for being active since 1996 in attacks targeting the U.S. Central Command, the Pentagon and NASA, also used the ComRAT backdoor in attacks against "Ministries of foreign affairs & national parliaments to spy, steal data, & install malware."
US Cyber Commands previously exposed new malware variants deployed by malicious cyber activity campaigns coordinated by North Korean government-backed hackers.
News URL
Related news
- Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia (source)
- Faraway Russian hackers breached US organization via Wi-Fi (source)
- US charges Russian-Israeli as suspected LockBit ransomware coder (source)
- Russian-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware (source)
- FBI wipes Chinese PlugX malware from over 4,000 US computers (source)