| SYMBOL | COMMON_NAME | aka. SYNONYMS |
A 2014 Guardian article described Turla as: 'Dubbed the Turla hackers, initial intelligence had indicated western powers were key targets, but it was later determined embassies for Eastern Bloc nations were of more interest. Embassies in Belgium, Ukraine, China, Jordan, Greece, Kazakhstan, Armenia, Poland, and Germany were all attacked, though researchers from Kaspersky Lab and Symantec could not confirm which countries were the true targets. In one case from May 2012, the office of the prime minister of a former Soviet Union member country was infected, leading to 60 further computers being affected, Symantec researchers said. There were some other victims, including the ministry for health of a Western European country, the ministry for education of a Central American country, a state electricity provider in the Middle East and a medical organisation in the US, according to Symantec. It is believed the group was also responsible for a much - documented 2008 attack on the US Central Command. The attackers - who continue to operate - have ostensibly sought to carry out surveillance on targets and pilfer data, though their use of encryption across their networks has made it difficult to ascertain exactly what the hackers took.Kaspersky Lab, however, picked up a number of the attackers searches through their victims emails, which included terms such as Nato and EU energy dialogue Though attribution is difficult to substantiate, Russia has previously been suspected of carrying out the attacks and Symantecs Gavin O’ Gorman told the Guardian a number of the hackers appeared to be using Russian names and language in their notes for their malicious code. Cyrillic was also seen in use.'
| 2024-12-11
⋅
Microsoft
⋅
Frequent freeloader part II: Russian actor Secret Blizzard using tools of other groups to attack Ukraine Amadey Kazuar Wipbot FlyingYeti |
| 2024-12-04
⋅
Microsoft
⋅
Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage Crimson RAT MiniPocket TwoDash Wainscot Operation C-Major Storm-0473 |
| 2024-12-04
⋅
Lumen
⋅
Snowblind: The Invisible Hand of Secret Blizzard Crimson RAT TwoDash |
| 2024-05-15
⋅
ESET Research
⋅
To the Moon and back(doors): Lunar landing in diplomatic missions LunarMail |
| 2024-05-14
⋅
YouTube (botconf eu)
⋅
Panni pelmeni: Turla loves dumplings Pelmeni |
| 2024-04-18
⋅
EchoCTI
⋅
Turla APT Analysis with TinyTurla-NG TinyTurlaNG |
| 2024-02-19
⋅
Lab52
⋅
Pelmeni Wrapper: New Wrapper of Kazuar (Turla Backdoor) Pelmeni |
| 2024-02-15
⋅
Cisco Talos
⋅
TinyTurla Next Generation - Turla APT spies on Polish NGOs TinyTurlaNG |
| 2023-10-31
⋅
Palo Alto Networks Unit 42
⋅
Over the Kazuar’s Nest: Cracking Down on a Freshly Hatched Backdoor Used by Pensive Ursa (Aka Turla) Kazuar |
| 2023-09-28
⋅
CIP
⋅
Russia's Cyber Tactics H1' 2023 APT29 Sandworm Turla XakNet Zarya |
| 2023-09-22
⋅
Sophos X-Ops
⋅
Mastodon Thread on observed activity involving TinyTurla TinyTurla |
| 2023-08-30
⋅
Kaspersky Labs
⋅
IT threat evolution in Q2 2023 3CX Backdoor Bankshot BLINDINGCAN GoldMax Kazuar QUIETCANARY tomiris GoldenJackal |
| 2023-07-26
⋅
cocomelonc
⋅
Malware development trick - part 35: Store payload in alternate data streams. Simple C++ example. Valak POWERSOURCE Gazer PowerDuke |
| 2023-07-19
⋅
Twitter (@MsftSecIntel)
⋅
Tweet on targeted attacks against the defense sector in Ukraine and Eastern Europe by the threat actor Secret Blizzard DeliveryCheck Kazuar |
| 2023-07-18
⋅
Cert-UA
⋅
Targeted Turla attacks (UAC-0024, UAC-0003) using CAPIBAR and KAZUAR malware (CERT-UA#6981) DeliveryCheck Kazuar |
| 2023-05-09
⋅
CISA
⋅
Hunting Russian Intelligence “Snake” Malware Agent.BTZ Cobra Carbon System Uroburos |
| 2023-04-24
⋅
Kaspersky Labs
⋅
Tomiris called, they want their Turla malware back KopiLuwak Andromeda Ave Maria GoldMax JLORAT Kazuar Meterpreter QUIETCANARY RATel Roopy Telemiris tomiris Topinambour Storm-0473 |
| 2023-02-16
⋅
Google
⋅
Fog of war: how the Ukraine conflict transformed the cyber threat landscape APT28 Ghostwriter SaintBear Sandworm Turla |
| 2023-02-15
⋅
Google
⋅
Fog of War: How the Ukraine Conflict Transformed the Cyber Threat Landscape CaddyWiper Dharma HermeticWiper INDUSTROYER2 PartyTicket WhisperGate Callisto Curious Gorge MUSTANG PANDA Turla |
| 2023-01-05
⋅
Mandiant
⋅
Turla: A Galaxy of Opportunity KopiLuwak Andromeda QUIETCANARY |
| 2022-09-20
⋅
Malware development: persistence - part 11. Powershell profile. Simple C++ example. Turla RAT TurlaRPC |
| 2022-08-01
⋅
Twitter (@sekoia_io)
⋅
Tweet on Turla's CyberAzov activity CyberAzov |
| 2022-07-19
⋅
Google
⋅
Continued cyber activity in Eastern Europe observed by TAG CyberAzov APT28 Callisto Ghostwriter Sandworm Turla |
| 2022-07-19
⋅
Google
⋅
Continued cyber activity in Eastern Europe observed by TAG CyberAzov |
| 2022-06-12
⋅
Malware development: persistence - part 7. Winlogon. Simple C++ example. BazarBackdoor Gazer TurlaRPC Turla SilentMoon |
| 2022-05-11
⋅
ExaTrack
⋅
Tricephalic Hellkeeper: a tale of a passive backdoor BPFDoor Bvp47 Uroburos |
| 2022-05-02
⋅
cocomelonc
⋅
Malware development: persistence - part 3. COM DLL hijack. Simple C++ example Agent.BTZ Ave Maria Konni Mosquito TurlaRPC |
| 2022-04-26
⋅
cocomelonc
⋅
Malware development: persistence - part 2. Screensaver hijack. C++ example. Gazer |
| 2022-03-28
⋅
Cyber Geeks (CyberMasterV)
⋅
A Step-by-Step Analysis of the Russian APT Turla Backdoor called TinyTurla TinyTurla |
| 2022-02-28
⋅
Lab52
⋅
Looking for Penquins in the Wild Penquin Turla |
| 2022-01-25
⋅
Möbius Strip Reverse Engineering
⋅
An Exhaustively Analyzed IDB for ComLook ComLook |
| 2022-01-20
⋅
Twitter (@ClearskySec)
⋅
Tweet on ComLook backdoor used by Turla ComLook |
| 2021-12-01
⋅
ESET Research
⋅
Jumping the air gap: 15 years of nation‑state effort Agent.BTZ Fanny Flame Gauss PlugX Ramsay Retro Stuxnet USBCulprit USBferry |
| 2021-11-05
⋅
Emanuele De Lucia on Security
⋅
The BigBoss Rules: Something about one of the Uroburos’ RPC-based backdoors Turla SilentMoon |
| 2021-09-27
⋅
Medium ryancor
⋅
Deobfuscating PowerShell Malware Droppers Agent.BTZ |
| 2021-09-21
⋅
Talos Intelligence
⋅
TinyTurla - Turla deploys new malware to keep a secret backdoor on victim machines TinyTurla |
| 2021-06-12
⋅
YouTube (BSidesBoulder)
⋅
Same and Different - sesame street level attribution Kazuar SUNBURST |
| 2021-04-29
⋅
ESET Research
⋅
ESET Industry Report on Government: Targeted but not alone Exaramel Crutch Exaramel HyperBro HyperSSL InvisiMole XDSpy |
| 2021-04-27
⋅
Kaspersky
⋅
APT trends report Q1 2021 PAS Artra Downloader BadNews Bozok DILLJUICE Kazuar Quasar RAT SodaMaster |
| 2021-02-28
⋅
PWC UK
⋅
Cyber Threats 2020: A Year in Retrospect elf.wellmess FlowerPower PowGoop 8.t Dropper Agent.BTZ Agent Tesla Appleseed Ave Maria Bankshot BazarBackdoor BLINDINGCAN Chinoxy Conti Cotx RAT Crimson RAT DUSTMAN Emotet FriedEx FunnyDream Hakbit Mailto Maze METALJACK Nefilim Oblique RAT Pay2Key PlugX QakBot REvil Ryuk StoneDrill StrongPity SUNBURST SUPERNOVA TrickBot TurlaRPC Turla SilentMoon WastedLocker WellMess Winnti ZeroCleare APT10 APT23 APT27 APT31 APT41 BlackTech BRONZE EDGEWOOD Inception Framework MUSTANG PANDA Red Charon Red Nue Sea Turtle Tonto Team |
| 2021-02-19
⋅
Palo Alto Networks Unit 42
⋅
IronNetInjector: Turla’s New Malware Loading Tool Agent.BTZ IronNetInjector TurlaRPC |
| 2021-02-16
⋅
US Department of Defense
⋅
The creation of the 2020 ComRATv4 illustration Agent.BTZ |
| 2021-01-11
⋅
Kaspersky Labs
⋅
Sunburst backdoor – code overlaps with Kazuar Kazuar SUNBURST |
| 2020-12-21
⋅
IronNet
⋅
Russian cyber attack campaigns and actors WellMail elf.wellmess Agent.BTZ BlackEnergy EternalPetya Havex RAT Industroyer Ryuk Triton WellMess |
| 2020-12-21
⋅
Intezer
⋅
Top Linux Cloud Threats of 2020 AgeLocker AnchorDNS Blackrota Cloud Snooper Dacls Doki FritzFrog IPStorm Kaiji Kinsing NOTROBIN Penquin Turla PLEAD Prometei RansomEXX Stantinko TeamTNT TSCookie WellMail elf.wellmess TeamTNT |
| 2020-12-02
⋅
ESET Research
⋅
Turla Crutch: Keeping the “back door” open Crutch Gazer Turla |
| 2020-10-29
⋅
US-CERT
⋅
Malware Analysis Report (AR20-303A): PowerShell Script: ComRAT Agent.BTZ |
| 2020-10-28
⋅
Accenture
⋅
Turla uses HyperStack, Carbon, and Kazuar to compromise government entity Cobra Carbon System Kazuar TurlaRPC Turla SilentMoon |
| 2020-09-25
⋅
Github (sisoma2)
⋅
Turla Carbon System Cobra Carbon System |
| 2020-09-22
⋅
vmware
⋅
Detecting Threats in Real-time With Active C2 Information Agent.BTZ Cobalt Strike Dacls NetWire RC PoshC2 Winnti |
| 2020-09-11
⋅
Twitter (@Arkbird_SOLG)
⋅
Tweet on discovery of a sample Turla SilentMoon |
| 2020-09-10
⋅
Kaspersky Labs
⋅
An overview of targeted attacks and APTs on Linux Cloud Snooper Dacls DoubleFantasy MESSAGETAP Penquin Turla Tsunami elf.wellmess X-Agent |
| 2020-09-01
⋅
Möbius Strip Reverse Engineering
⋅
An Exhaustively-Analyzed IDB for ComRAT v4 Agent.BTZ |
| 2020-07-29
⋅
ESET Research
⋅
THREAT REPORT Q2 2020 DEFENSOR ID HiddenAd Bundlore Pirrit Agent.BTZ Cerber ClipBanker CROSSWALK Cryptowall CTB Locker DanaBot Dharma Formbook Gandcrab Grandoreiro Houdini ISFB LockBit Locky Mailto Maze Microcin Nemty NjRAT Phobos PlugX Pony REvil Socelars STOP Tinba TrickBot WannaCryptor |
| 2020-07-29
⋅
Kaspersky Labs
⋅
APT trends report Q2 2020 PhantomLance Dacls Penquin Turla elf.wellmess AppleJeus Dacls AcidBox Cobalt Strike Dacls EternalPetya Godlike12 Olympic Destroyer PlugX shadowhammer ShadowPad Sinowal VHD Ransomware Volgmer WellMess X-Agent XTunnel |
| 2020-07-21
⋅
YouTube ( OPCDE with Matt Suiche)
⋅
vOPCDE #9 - A Journey into Malware HTTP Communication Channels Spectacles (Mohamad Mokbel) Alureon Aytoke Cobra Carbon System CROSSWALK danbot ProtonBot Silence |
| 2020-07-14
⋅
Telsy
⋅
Turla / Venomous Bear updates its arsenal: “NewPass” appears on the APT threat scene NewPass Turla |
| 2020-06-09
⋅
Kaspersky Labs
⋅
Looking at Big Threats Using Code Similarity. Part 1 Penquin Turla CCleaner Backdoor EternalPetya Regin WannaCryptor XTunnel |
| 2020-06-07
⋅
Youtube (OPCDE)
⋅
The Penquin is in da house Penquin Turla |
| 2020-05-28
⋅
EpicTurla
⋅
SysInTURLA Kazuar |
| 2020-05-26
⋅
ESET Research
⋅
From Agent.BTZ to ComRAT v4: A ten‑year journey Agent.BTZ |
| 2020-05-26
⋅
ESET Research
⋅
From Agent.BTZ to ComRAT v4: A ten‑year journey (White Paper) Agent.BTZ |
| 2020-05-21
⋅
PICUS Security
⋅
T1055 Process Injection BlackEnergy Cardinal RAT Downdelph Emotet Kazuar RokRAT SOUNDBITE |
| 2020-05-14
⋅
Leonardo
⋅
Malware Technical Insight Turla "Penquin_x64" Penquin Turla |
| 2020-04-07
⋅
Blackberry
⋅
Decade of the RATS: Cross-Platform APT Espionage Attacks Targeting Linux, Windows and Android Penquin Turla XOR DDoS ZXShell |
| 2020-03-12
⋅
Recorded Future
⋅
Swallowing the Snake’s Tail: Tracking Turla Infrastructure TwoFace Mosquito |
| 2020-03-12
⋅
ESET Research
⋅
Tracking Turla: New backdoor delivered via Armenian watering holes LightNeuron Mosquito NetFlash Skipper |
| 2020-03-12
⋅
Recorded Future
⋅
Swallowing the Snake’s Tail: Tracking Turla Infrastructure Mosquito Sinowal |
| 2020-03-04
⋅
CrowdStrike
⋅
2020 CrowdStrike Global Threat Report MESSAGETAP More_eggs 8.t Dropper Anchor BabyShark BadNews Clop Cobalt Strike CobInt Cobra Carbon System Cutwail DanaBot Dharma DoppelDridex DoppelPaymer Dridex Emotet FlawedAmmyy FriedEx Gandcrab Get2 IcedID ISFB KerrDown LightNeuron LockerGoga Maze MECHANICAL Necurs Nokki Outlook Backdoor Phobos Predator The Thief QakBot REvil RobinHood Ryuk SDBbot Skipper SmokeLoader TerraRecon TerraStealer TerraTV TinyLoader TrickBot Vidar Winnti ANTHROPOID SPIDER APT23 APT31 APT39 APT40 BlackTech BuhTrap Charming Kitten CLOCKWORK SPIDER DOPPEL SPIDER FIN7 Gamaredon Group GOBLIN PANDA MONTY SPIDER MUSTANG PANDA NARWHAL SPIDER NOCTURNAL SPIDER PINCHY SPIDER SALTY SPIDER SCULLY SPIDER SMOKY SPIDER Thrip VENOM SPIDER VICEROY TIGER |
| 2020-03-03
⋅
PWC UK
⋅
Cyber Threats 2019:A Year in Retrospect KevDroid MESSAGETAP magecart AndroMut Cobalt Strike CobInt Crimson RAT DNSpionage Dridex Dtrack Emotet FlawedAmmyy FlawedGrace FriedEx Gandcrab Get2 GlobeImposter Grateful POS ISFB Kazuar LockerGoga Nokki QakBot Ramnit REvil Rifdoor RokRAT Ryuk shadowhammer ShadowPad Shifu Skipper StoneDrill Stuxnet TrickBot Winnti ZeroCleare APT41 MUSTANG PANDA Sea Turtle |
| 2020-02-13
⋅
Qianxin
⋅
APT Report 2019 Chrysaor Exodus Dacls VPNFilter DNSRat Griffon KopiLuwak More_eggs SQLRat AppleJeus BONDUPDATER Agent.BTZ Anchor AndroMut AppleJeus BOOSTWRITE Brambul Carbanak Cobalt Strike Dacls DistTrack DNSpionage Dtrack ELECTRICFISH FlawedAmmyy FlawedGrace Get2 Grateful POS HOPLIGHT Imminent Monitor RAT jason Joanap KerrDown KEYMARBLE Lambert LightNeuron LoJax MiniDuke PolyglotDuke PowerRatankba Rising Sun SDBbot ServHelper Snatch Stuxnet TinyMet tRat TrickBot Volgmer X-Agent Zebrocy |
| 2020-01-01
⋅
Secureworks
⋅
IRON HUNTER Agent.BTZ Cobra Carbon System LightNeuron Mosquito Nautilus Neuron Skipper Uroburos Turla |
| 2019-10-21
⋅
NCSC UK
⋅
Advisory: Turla group exploits Iranian APT to expand coverage of victims Nautilus Neuron |
| 2019-08-12
⋅
Kindred Security
⋅
An Overview of Public Platform C2’s HTML5 Encoding LOWBALL Makadocs MiniDuke RogueRobinNET RokRAT |
| 2019-07-26
⋅
Github (eset)
⋅
Turla Indicators of Compromise Gazer |
| 2019-07-08
⋅
0ffset Blog
⋅
Analyzing KSL0T (Turla’s Keylogger), Part 2 – Reupload KSL0T |
| 2019-07-08
⋅
0ffset Blog
⋅
Analyzing KSL0T (Turla’s Keylogger), Part 1 – Reupload KSL0T |
| 2019-06-20
⋅
Symantec
⋅
Waterbug: Espionage Group Rolls Out Brand-New Toolset in Attacks Against Governments LightNeuron |
| 2019-05-29
⋅
ESET Research
⋅
A dive into Turla PowerShell usage PowerShellRunner TurlaRPC |
| 2019-05-19
⋅
Telsy
⋅
Following the Turla’s Skipper over the ocean of cyber operations Skipper |
| 2019-05-07
⋅
ESET Research
⋅
Turla LightNeuron: An email too far LightNeuron |
| 2019-05-01
⋅
ESET Research
⋅
TURLA LIGHTNEURON: One email away from remote code execution LightNeuron |
| 2019-04-19
⋅
Github (hfiref0x)
⋅
TDL (Turla Driver Loader) Repository Cobra Carbon System |
| 2019-04-13
⋅
GitHub
⋅
Decoded Turla Powershell Implant PowerShellRunner |
| 2019-01-17
⋅
Twitter (@VK_intel)
⋅
Tweet on Turla Outlook Backdoor Outlook Backdoor |
| 2019-01-01
⋅
MITRE
⋅
Group description: Turla Turla |
| 2019-01-01
⋅
Council on Foreign Relations
⋅
Turla Turla |
| 2018-11-22
⋅
nccgroup
⋅
Turla PNG Dropper is back Uroburos Turla |
| 2018-11-22
⋅
nccgroup
⋅
Turla PNG Dropper is back Uroburos Turla |
| 2018-10-05
⋅
Post 0x17.2: Analyzing Turla’s Keylogger KSL0T |
| 2018-10-04
⋅
Kaspersky Labs
⋅
Shedding Skin – Turla’s Fresh Faces KopiLuwak Agent.BTZ Cobra Carbon System Gazer Meterpreter Mosquito Skipper |
| 2018-09-10
⋅
Youtube ( Monnappa K A)
⋅
turla gazer backdoor code injection & winlogon shell persistence Gazer |
| 2018-08-22
⋅
Bleeping Computer
⋅
Turla Outlook Backdoor Uses Clever Tactics for Stealth and Persistence Turla |
| 2018-08-22
⋅
ESET Research
⋅
Turla Outlook Backdoor Outlook Backdoor |
| 2018-07-10
⋅
Kaspersky Labs
⋅
APT Trends Report Q2 2018 LightNeuron PoorWeb |
| 2018-05-22
⋅
ESET Research
⋅
Turla Mosquito: A shift towards more generic tools Mosquito Turla |
| 2018-03-01
⋅
CrySyS Lab
⋅
Territorial Dispute – NSA’s perspective on APT landscape 9002 RAT Agent.BTZ DuQu EYService Flame FlowerShop Stuxnet Uroburos |
| 2018-03-01
⋅
Kaspersky Labs
⋅
Penquin's Moonlit Maze Penquin Turla |
| 2018-02-09
⋅
ExaTrack
⋅
Hey Uroburos! What's up ? Uroburos |
| 2018-01-22
⋅
ZDNet
⋅
This hacking gang just updated the malware it uses against UK targets Turla |
| 2018-01-17
⋅
NCSC UK
⋅
Turla group malware Nautilus Neuron |
| 2018-01-01
⋅
ESET Research
⋅
Diplomats in Eastern Europe bitten by a Turla mosquito Mosquito |
| 2017-12-24
⋅
Twitter (@juanandres_gs)
⋅
Tweet on Turla Penquin Penquin Turla |
| 2017-10-05
⋅
Analysis of a malicious DOC used by Turla APT group; hunting persistence via PowerShell KopiLuwak |
| 2017-10-04
⋅
Twitter (@JohnLaTwC)
⋅
Tweet on Turla JS backdoor Maintools.js |
| 2017-09-13
⋅
Intezer
⋅
New Variants of Agent.BTZ/ComRAT Found: The Threat That Hit The Pentagon In 2008 Still Evolving; Part 2/2 Agent.BTZ |
| 2017-08-30
⋅
Kaspersky Labs
⋅
Introducing WhiteBear Gazer Turla White Bear |
| 2017-08-30
⋅
ESET Research
⋅
New ESET research uncovers Gazer, the stealthy backdoor that spies on embassies Gazer |
| 2017-08-21
⋅
Trend Micro
⋅
Cyberespionage Group Turla Deploys Backdoor Ahead of G20 Task Force Summit Turla |
| 2017-08-18
⋅
vmware
⋅
Threat Analysis: Carbon Black Threat Research Dissects PNG Dropper Uroburos |
| 2017-08-17
⋅
Proofpoint
⋅
Turla APT actor refreshes KopiLuwak JavaScript backdoor for use in G20-themed attack KopiLuwak |
| 2017-08-09
⋅
CSE
⋅
Hackers are Humans too Satellite Turla |
| 2017-08-07
⋅
Intezer
⋅
New Variants of Agent.BTZ/ComRAT Found: The Threat That Hit The Pentagon In 2008 Still Evolving; Part 1/2 Agent.BTZ |
| 2017-08-01
⋅
ESET Research
⋅
Gazing at Gazer Turla’s new second stage backdoor Turla |
| 2017-06-07
⋅
engadget
⋅
Russian malware link hid in a comment on Britney Spears' Instagram Turla |
| 2017-06-06
⋅
ESET Research
⋅
Turla’s watering hole campaign: An updated Firefox extension abusing Instagram HTML5 Encoding Skipper |
| 2017-05-05
⋅
Malwarebytes
⋅
Snake malware ported from Windows to Mac Uroburos |
| 2017-05-03
⋅
Fox-IT
⋅
Snake: Coming soon in Mac OS X flavour Uroburos |
| 2017-05-03
⋅
Palo Alto Networks Unit 42
⋅
Kazuar: Multiplatform Espionage Backdoor with API Access Kazuar |
| 2017-05-03
⋅
Palo Alto Networks Unit 42
⋅
Kazuar: Multiplatform Espionage Backdoor with API Access Turla |
| 2017-04-03
⋅
Kaspersky Labs
⋅
Moonlight Maze: Lessons from history Turla |
| 2017-04-03
⋅
Kaspersky Labs
⋅
Moonlight Maze Technical Report (Appendix B) Penquin Turla |
| 2017-04-03
⋅
Kaspersky Labs
⋅
Penquin’s Moonlit Maze Penquin Turla |
| 2017-03-30
⋅
ESET Research
⋅
Carbon Paper: Peering into Turla’s second stage backdoor Cobra Carbon System Turla |
| 2017-02-02
⋅
Kaspersky Labs
⋅
KopiLuwak: A New JavaScript Payload from Turla KopiLuwak |
| 2016-09-07
⋅
Virus Bulletin
⋅
Wave Your False Flags! Deception Tactics Muddying Attribution in Targeted Attacks DuQu JripBot Sinowal Stuxnet Wipbot |
| 2016-06-30
⋅
Bitdefender
⋅
Pacifier APT Gazer Turla |
| 2016-06-30
⋅
Bitdefender
⋅
Pacifier APT Skipper |
| 2016-05-23
⋅
Reporting and Analysis Centre for Information Assurance MELANI
⋅
Technical Report about the Malware used in the Cyberespionage against RUAG Turla |
| 2016-05-23
⋅
MELANI GovCERT
⋅
APT Case RUAG - Technical Report Cobra Carbon System |
| 2016-01-14
⋅
Symantec
⋅
The Waterbug attack group Agent.BTZ Wipbot |
| 2016-01-14
⋅
Symantec
⋅
The Waterbug attack group Agent.BTZ Cobra Carbon System Wipbot Turla |
| 2016-01-13
⋅
Russian group behind 2013 Foreign Ministry hack Turla |
| 2015-11-01
⋅
FireEye
⋅
PINPOINTING TARGETS: Exploiting Web Analytics to Ensnare Victims witchcoven Turla |
| 2015-09-09
⋅
Kaspersky Labs
⋅
Satellite Turla: APT Command and Control in the Sky Turla |
| 2015-09-09
⋅
Kaspersky Labs
⋅
Satellite Turla: APT Command and Control in the Sky Satellite Turla Turla |
| 2015-02-11
⋅
FIRST Tbilisi
⋅
Turla-development & operations Turla |
| 2015-01-20
⋅
G Data
⋅
Analysis of Project Cobra Cobra Carbon System |
| 2015-01-15
⋅
G Data
⋅
Weiterentwicklung anspruchsvoller Spyware: von Agent.BTZ zu ComRAT Agent.BTZ |
| 2015-01-01
⋅
Bitdefender
⋅
New Pacifier APT Components Point to Russian-Linked Turla Group KopiLuwak Gazer Skipper |
| 2014-12-09
⋅
Threatpost
⋅
Linux Modules Connected to Turla APT Discovered Turla |
| 2014-12-08
⋅
Kaspersky Labs
⋅
The ‘Penquin’ Turla Turla |
| 2014-11-11
⋅
G Data
⋅
The Uroburos case: new sophisticated RAT identified Agent.BTZ Uroburos |
| 2014-08-07
⋅
The Guardian
⋅
Sophisticated 'Turla' hackers spying on European governments, say researchers Turla |
| 2014-08-07
⋅
Kaspersky Labs
⋅
The Epic Turla Operation Turla |
| 2014-08-07
⋅
Kaspersky Labs
⋅
The Epic Turla Operation Cobra Carbon System Uroburos Wipbot Turla |
| 2014-06-02
⋅
G Data
⋅
Analysis of Uroburos, using WinDbg Uroburos |
| 2014-05-13
⋅
G Data
⋅
Uroburos rootkit: Belgian Foreign Ministry stricken Uroburos |
| 2014-03-17
⋅
BAE Systems
⋅
Snake Campaign & Espionage Toolkit Agent.BTZ Uroburos |
| 2014-03-12
⋅
Blog (Artem Baranov)
⋅
Uroburos: the snake rootkit Uroburos |
| 2014-03-12
⋅
Kaspersky Labs
⋅
Agent.btz: a Source of Inspiration? Agent.BTZ |
| 2014-03-07
⋅
G Data
⋅
Uroburos – Deeper travel into kernel protection mitigation Uroburos |
| 2014-02-28
⋅
G Data Blog
⋅
Uroburos - highly complex espionage software with Russian roots Uroburos |
| 2014-01-01
⋅
circl.lu
⋅
TR-25 Analysis - Turla / Pfinet / Snake/ Uroburos Cobra Carbon System Uroburos Turla |
| 2010-08-25
⋅
The New York Times
⋅
Military Computer Attack Confirmed Turla |
| 2008-11-30
⋅
ThreatExpert
⋅
Agent.btz - A Threat That Hit Pentagon Agent.BTZ |