Tools and servers of Iranian threat group are being used by Russian hackers as cover
Turla cyber-espionage group rooted in Russia used stolen malware and infrastructure of the Iranian-sponsored OilRig to attack targets from several countries according to a joint UK's National Cyber Security Centre (NCSC) and U.S. National Security Agency(NSA) advisory.
Turla being an advanced threat group is tracked by security outfits as Waterbug, Snake, WhiteBear, Venomous Bear, and Krypton. Turla is an advanced persistent threat (APT) group with a focus on cyber-spying and a huge section of victims from military and government to education and research entities. OilRig is an APT with Iranian government links which is known for operating worldwide cyber-espionage campaigns, usually covering Middle Eastern companies and government agencies.
Turla's hijack was first reported in June when the researchers found that the Russian APT was using some of Iranian C2 servers. Researchers have also released an advisory stating that the Russian APT was found using various Iranian tools including the Neuron and Nautilus Implants. ASPX-based backdoor beside snake rootkit was used to compromise, maintain persistence, and exfiltrate data. Turla used victim networks previously compromised using Snake to find servers infected with the ASPX shells. These compromised networks were used in at least 35 countries, including Saudi Arabia, Kuwait, Qatar and UAE.
Victims targeted by Turla included military establishment, government departments, scientific organizations and universities. Turla used the acquired tools against victims with Snake implants and further deployed the attack to all other victims.
Use NPAV and join us on a mission to secure the cyber world.
I am gonna watch out for brussels. I'll appreciate if
yyou continue this in future. A lott of people will be benefited from your writing.
Cheers!
I am satisfied that you shared this helpful info with us.
Please keep us up to date like this. Thanks for sharing.
- Other (42)
- Ransomware (128)
- Events and News (26)
- Features (45)
- Security (433)
- Tips (79)
- Google (22)
- Achievements (9)
- Products (33)
- Activation (7)
- Dealers (1)
- Bank Phishing (42)
- Malware Alerts (195)
- Cyber Attack (221)
- Data Backup (11)
- Data Breach (80)
- Phishing (139)
- Securty Tips (1)
- Browser Hijack (16)
- Adware (15)
- Email And Password (67)
- Android Security (56)
- Knoweldgebase (38)
- Botnet (15)
- Updates (3)
- Alert (71)
- Hacking (57)
- Social Media (7)
- vulnerability (54)
- Hacker (31)
- Spyware (8)
- Windows (6)
- Microsoft (21)
- Uber (1)
- YouTube (1)
- Trojan (2)
- Website hacks (3)
- Paytm (1)
- Credit card scam (1)
- Telegram (3)
- RAT (5)
- Bug (3)
- Twitter (2)
- Facebook (7)
- Banking Trojan (5)
- Mozilla (2)
- COVID-19 (5)
- Instagram (2)
- NPAV Announcement (5)
- IoT Security (1)
- Deals and Offers (1)
- Cloud Security (8)
- Offers (5)
- Gaming (1)
- FireFox (2)
- LinkedIn (2)
- WhatsApp (4)
- Amazon (1)
- DMart (1)
- Payment Risk (4)
- Occasion (2)
- firewall (1)
- Cloud malware (2)
- Cloud storage (2)
- Financial fraud (7)
- Impersonation phishing (1)
- DDoS (4)
- Smishing (2)
- Whale (0)
- Whale phishing (3)
- WINRAR (2)
- ZIP (2)