Russian APT Turla builds long-term access tool with Kazuar Botnet evolution

By Pierluigi Paganini

Russia-linked APT group Turla upgraded its Kazuar backdoor into a modular peer-to-peer botnet designed for stealth and persistent access to infected systems. Microsoft researchers say the malware allows attackers to maintain long-term control while making detection and disruption more difficult.

The Turla APT group (aka Secret Blizzard, Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON) has been active since at least 2004, targeting diplomatic and government organizations and private businesses in the Middle East, Asia, Europe, North and South America, and former Soviet bloc nations.

According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Russia-nexus actor is assessed to be affiliated with Center 16 of Russia’s Federal Security Service (FSB).

Read more at Security Affairs
