Turla Expands Their Arsenal with Next-Generation Malwares

Summary:

In December 2023, a new backdoor dubbed TinyTurla-NG was deployed by the Russia-affiliated threat actor Turla as part of a three-month campaign targeting Polish non-governmental organizations (NGOs). The threat actor utilized malicious PowerShell scripts hosted on various websites, exploiting vulnerable versions of WordPress for their C2 operations.

Threat Level – Amber | Attack Report

For a detailed threat advisory, download the pdf file here

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.