Dossier
STOCKSTAY
Coverage of STOCKSTAY in the Nexus archive.
- Google Details Turla's New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks
The Russian state-sponsored threat actor Turla has developed a new .NET backdoor called STOCKSTAY, which has been used to target Ukrainian government and military organizations, as well as entities interested in Italian foreign policy. Google Threat Intelligence Group disclosed these details, highlighting the backdoor's ongoing development by the hacking group.