Search results for: "turla" | WeLiveSecurity

Search results for: "turla"

White Papers Turla LightNeuron: One email away from remote code execution

Turla LightNeuron: One email away from remote code execution

In this white paper, we present the analysis of LightNeuron, a backdoor specifically designed to target Microsoft Exchange mail servers. LightNeuron, which the cyberespionage group Turla is believed to have used since at least 2014, can spy on, modify or block any emails going through the compromised mail server, as well as execute commands sent

White Papers Turla Outlook Backdoor: Analysis of an unusual Turla backdoor

Turla Outlook Backdoor: Analysis of an unusual Turla backdoor

Turla, also known as Snake, is an espionage group notorious for having breached some heavily-protected networks. They have been busy attacking diplomats and military targets around the world. Among the notable victims were the Finnish Foreign Ministry in 2013 , the Swiss military firm RUAG between 2014 and 2016 and more recently, the German government

White Papers Diplomats in Eastern Europe bitten by a Turla mosquito

Diplomats in Eastern Europe bitten by a Turla mosquito

Turla is one of the longest-known state-sponsored cyberespionage groups, with well-known victims such as the US Department of Defense in 2008. The group owns a large toolset that is generally divided into several categories: the most advanced malware is only deployed on machines that are the most interesting to the attackers. Their espionage platform is

White Papers Gazing at Gazer: Turla’s new second stage backdoor

Gazing at Gazer: Turla’s new second stage backdoor

Turla is a notorious group that has been targeting governments, government officials and diplomats for years. Although this backdoor has been actively deployed since at least 2016, it has not been documented anywhere. Based on strings found in the samples we analyzed, we have named this backdoor “Gazer”.

White Papers From Agent.BTZ to ComRAT v4: A ten‑year journey

From Agent.BTZ to ComRAT v4: A ten‑year journey

ESET researchers have uncovered a new version of ComRAT, a backdoor that the Turla APT group has been using since at least 2007. This white paper analyzes this latest addition to the toolkit of a cyberespionage group that is known to have breached major public and private targets on multiple continents.