Turla (malware)
This article may lack focus or may be about more than one topic. (June 2017) |
You can help expand this article with text translated from [[:uk:Lua error in Module:WikidataIB at line 482: attempt to index field 'wikibase' (a nil value).|the corresponding article]] in українська. (June 2017) Click [show] for important translation instructions.
|
Turla or Uroboros (Russian: Турла) is a trojan package that is suspected by computer security researchers and Western intelligence officers to be the product of a Russian government agency of the same name.[1][2][3]
High infection rates of the virus were observed in Russia, Kazakhstan and Vietnam, followed by US and China, and low infection rates in Europe, South America and Asia (including India).[4]
Malware
[edit | edit source]Turla has been targeting governments and militaries since at least 2008.[2][5][6]
In December 2014 there was evidence of it targeting operating systems running Linux.[7]
Group
[edit | edit source]The advanced persistent threat hacking group has also been named Turla.[1] The group has probably been operating since the late 1990s, according to professor Thomas Rid of Johns Hopkins University.[8] Dan Goodin in Ars Technica described Turla as "Russian spies".[9] Turla has since been given other names such as Snake, Krypton, and Venomous Bear.
US actions against group
[edit | edit source]In May 2023 the United States Department of Justice announced that the United States had managed to infiltrate machines that were infected by the malware and issue a command ordering the malware to delete itself.[8] Affidavits from the FBI and DOJ revealed that the group was part of the Russian Federal Security Service Center 16 group in Ryazan.[8]
Possible GoldenJackal connection
[edit | edit source]ESET noted that the command and control protocol used by GoldenJackal malware is typically used by Turla, suggesting the groups may be connected.[10]
See also
[edit | edit source]References
[edit | edit source]- ^ a b Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ a b Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ a b c Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
