Unveiling the Sea Turtle Cyber Espionage Campaign

Threat Level – Red | Vulnerability Report
Download PDF

Sea Turtle, a Turkey-based Advanced Persistent Threat (APT) actor, has been active since 2017. The group has primarily targeted European and Middle Eastern organizations, focusing on information theft and DNS hijacking to compromise repositories with valuable and sensitive data. In a recent 2023 campaign, targeting the Netherlands, Sea Turtle utilized a reverse TCP shell named SnappyTCP for Linux/Unix with basic command-and-control capabilities to establish persistence on systems.

Threat Level – Red | Actor Report

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox