silversurfer
Russian-backed hacking group Turla has used a previously undocumented malware toolset to deploy backdoors and steal sensitive documents in targeted cyber-espionage campaigns directed at high-profile targets such as the Ministry of Foreign Affairs of European Union countries.
The previously unknown malware framework, named Crutch by its authors, was used in campaigns spanning from 2015 to at least early 2020.
Turla's Crutch malware was designed to help harvest and exfiltrate sensitive documents and various other files of interest to Dropbox accounts controlled by the Russian hacking group.
"The sophistication of the attacks and technical details of the discovery further strengthen the perception that the Turla group has considerable resources to operate such a large and diverse arsenal," ESET researcher Matthieu Faou said in a report published today and shared in advance with BleepingComputer.
"Furthermore, Crutch is able to bypass some security layers by abusing legitimate infrastructure — here, Dropbox — in order to blend into normal network traffic while exfiltrating stolen documents and receiving commands from its operators."
Russian hacking group uses Dropbox to store malware-stolen data
www.bleepingcomputer.com