An Interest In:
Web News this Week
- April 26, 2024
- April 25, 2024
- April 24, 2024
- April 23, 2024
- April 22, 2024
- April 21, 2024
- April 20, 2024
Some of Our Sources
- Engadget
- Spoon Graphics
- Creative Curio
- Web Designer Depot
- Naldz Graphics
- FanExtra - PSD
- Crazy Leaf Design
- Fudge Graphics
- Daily Now
- Hashedout
Help Webnuz
Referal links:
May 27, 2020 11:50 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/om_-Zcby-44/turla-hacker-group-steals-antivirus-logs-to-see-if-its-malware-was-detected
Turla Hacker Group Steals Antivirus Logs To See If Its Malware Was Detected
An anonymous reader quotes a report from ZDNet: Security researchers from ESET have discovered new attacks carried out by Turla, one of Russia's most advanced state-sponsored hacking groups. The new attacks have taken place in January 2020. ESET researchers say the attacks targeted three high-profile entities, such as a national parliament in the Caucasus and two Ministries of Foreign Affairs in Eastern Europe. Targets could not be identified by name due to national security reasons. [...] The ComRAT malware, also known as Agent.BTZ, is one of Turla's oldest weapons, and the one they used to siphon data from the Pentagon's network in 2008. The tool has seen several updates across the years, with new versions discovered in 2014 and 2017, respectively. The latest version, known as ComRAT v4, was first seen in 2017, however, in a report published today, ESET says they've spotted a variation of ComRAT v4 that includes two new features, such as the ability to exfiltrate antivirus logs and the ability to control the malware using a Gmail inbox. The first of these features is the malware's ability to collect antivirus logs from an infected host and upload it to one of its command and control servers. The exact motives of a hacker group will always remain unclear, but Matthieu Faou, the ESET researcher who analyzed the malware, told ZDNet that Turla operators might be collecting antivirus logs to "allow them to better understand if and which one of their malware sample was detected." The belief is that if Turla operators see a detection, they can then tweak their malware and avoid future detections on other systems, where they can then operate undetected.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/om_-Zcby-44/turla-hacker-group-steals-antivirus-logs-to-see-if-its-malware-was-detected
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot