On Halloween, US Cyber Command (CYBERCOM) released a chilling surprise for the Russian sponsored APTs, Turla Team and APT28. In an afternoon tweet on Friday, CYBERCOM released samples of an implant dropper used by Turla that they have dubbed ComRATv4, as well as samples of Zebrocy, attributed to APT28, to VirusTotal. The FBI and CISA – who have made the attribution, noted that Turla Team is backed by the government of Russia, and it has used ComRATv4 to target ministries of foreign affairs and national parliaments. In his coverage of the release, Catalin Cimpanu of ZDNet notes that Accenture earlier in the week also released a report concerning Turla and its prevalent use of ComRATv4.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.