Dossier
Turla
Coverage of Turla in the Nexus archive.
- Google Details Turla's New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks
The Russian state-sponsored threat actor Turla has developed a new .NET backdoor called STOCKSTAY, which has been used to target Ukrainian government and military organizations, as well as entities interested in Italian foreign policy. Google Threat Intelligence Group disclosed these details, highlighting the backdoor's ongoing development by the hacking group.
- Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access
The Russian state-sponsored hacking group Turla has transformed its Kazuar backdoor into a modular peer-to-peer botnet for stealthy and persistent access. Turla is affiliated with Center 16 of Russia's Federal Security Service. This transformation enables Turla to maintain access to compromised hosts.