SECURITYTHE HACKER NEWS
Google Details Turla's New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks
The Russian state-sponsored threat actor Turla has developed a new .NET backdoor called STOCKSTAY, which has been used to target Ukrainian government and military organizations, as well as entities interested in Italian foreign policy. Google Threat Intelligence Group disclosed these details, highlighting the backdoor's ongoing development by the hacking group.
Mentioned
Related Signal
Adjacent reporting
- Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API
- Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API
- New Mistic Backdoor Linked to KongTuke in ClickFix and ModeloRAT Campaigns
- OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack
- Chinese APTs Share Linux Backdoor in Central Asia Telco Attacks