Security News

Turla's Updated ComRAT Malware Uses Gmail for C&C Communication

2020-05-27 09:02

An updated version of the ComRAT malware that Russia-linked cyber-espionage threat actor Turla has been using in recent attacks can connect to Gmail to receive commands, ESET reports. One of the oldest malware families used by the group, ComRAT was used to target the US military in 2008 and saw two major versions released until 2012, both derived from the same code base.

#gmail #malware #turla

Turla APT Revamps One of Its Go-To Spy Tools

2020-05-26 15:28

The Turla APT group has been spotted using an updated version of the ComRAT remote-access trojan to attack governmental targets. According to ESET researchers, ComRAT is one of Turla's oldest weapons, released in 2007 - but the firm found that Turla used an updated version in attacks against at least three targets earlier this year: Two Ministries of Foreign Affairs and a national parliament.

#APT #SPY #tools #turla

Russia-Linked Turla Cyberspies Add More Malware to Arsenal

2020-03-12 18:40

The Russia-linked threat group known as Turla was observed using two new pieces of malware in attacks launched over a period of roughly two months in the fall of 2019, ESET reports. Also known as Waterbug, KRYPTON, Snake, and Venomous Bear, and active for more than a decade, Turla is known for the targeting of various diplomatic and military organizations, with a focus on NATO and Commonwealth of Independent States nations.

#arsenal #malware #russia #turla

Turla Teardown: Why Attribute Nation-State Attacks?

2019-10-30 16:48

Unmasked: Russians Hijacked Iranian Attack Infrastructure and MalwareRussian attack group Turla has been named and shamed for hijacking Iranian nation-state attackers' infrastructure. The aim of...

#attack #turla

Turla Compromises, Infiltrates Iranian APT Infrastructure

2019-10-21 17:52

The Russian-speaking APT stole the Neuron and Nautilus implants and accessed the Iranian APT's C2 infrastructure.

#APT #compromise #infrastructure #iranian #turla

Iran? More like Ivan: Brit and US spies say they can see through Turla hacking group's facade

2019-10-21 10:06

Russian-backed cell's Middle East campaign pretended to be of a Persian persuasion British and US spies have blamed Russian hacker group Turla for masquerading as Iranian hackers to launch recent...

#brit #hacking #iran #spies #turla #US

Turla APT Returns with New Malware, Anti-Censorship Angle

2019-07-15 20:55

A dropper called “Topinambour" is the first-stage implant, which in turn fetches a spy trojan built in several coding languages.

#APT #censorship #malware #turla

Turla Uses Sophisticated Backdoor to Hijack Exchange Mail Servers

2019-05-07 13:36

The Russia-linked threat group known as Turla has been using a sophisticated backdoor to hijack Microsoft Exchange mail servers, ESET reported on Tuesday. read more

#backdoor #exchange #server #turla

Virus Bulletin 2018: Turla APT Changes Shape with New Code and Targets

2018-10-04 19:14

Russian-speaking Turla has also racked up more victims in its latest APT campaign.

#APT #turla #virus

Turla Backdoor Controlled via Email Attachments

2018-08-23 17:53

ESET security researchers have analyzed a new backdoor used by the Russian-speaking advanced persistent threat (APT) group known as Turla. read more

#backdoor #email #turla

Security News {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Security News"}]}

Security News