Russian hacking group uses Dropbox to store malware-stolen data

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,048
Russian-backed hacking group Turla has used a previously undocumented malware toolset to deploy backdoors and steal sensitive documents in targeted cyber-espionage campaigns directed at high-profile targets such as the Ministry of Foreign Affairs of European Union countries.

The previously unknown malware framework, named Crutch by its authors, was used in campaigns spanning from 2015 to at least early 2020.
Turla's Crutch malware was designed to help harvest and exfiltrate sensitive documents and various other files of interest to Dropbox accounts controlled by the Russian hacking group.

"The sophistication of the attacks and technical details of the discovery further strengthen the perception that the Turla group has considerable resources to operate such a large and diverse arsenal," ESET researcher Matthieu Faou said in a report published today and shared in advance with BleepingComputer.
"Furthermore, Crutch is able to bypass some security layers by abusing legitimate infrastructure — here, Dropbox — in order to blend into normal network traffic while exfiltrating stolen documents and receiving commands from its operators."
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top