ESET researchers recently uncovered a new cyber espionage campaign by Turla, an advanced persistent threat (APT) group believed to operate from Russia. The hackers are using PowerShell scripts in order to go after diplomatic targets in the Eastern Europe.
Turla has used PowerShell in previous campaigns, but it has now improved its code in order to obtain persistence by taking advantage of tools already present on targeted systems, a technique known as living-off-the-land.
Read more: Turla turns PowerShell into a weapon in attacks against EU diplomats