CyberNews Briefs

Russia-Linked Hackers Hijack Infrastructure of Iranian Threat Group

A new Symantec report sheds light on the recent activity of Turla (aka Waterbug, KRYPTON, Venomous Bear), a Russia-linked cyber-espionage group. Since early 2018 the group has launched at least three distinct campaigns that all relied on different tools. The attacks have targeted 13 organizations, including government agencies, across 10 countries.

One particularly interesting finding is the fact that Turla seems to have taken over the infrastructure of OilRig (aka APT34, Crambus), which is also an advanced persistent threat group, but one linked to the Iranian regime. According to the researchers, “this is the first time Symantec has observed one targeted attack group seemingly hijack and use the infrastructure of another group. However, it is still difficult to ascertain the motive behind the attack.”

Read more: Russia-Linked Hackers Hijack Infrastructure of Iranian Threat Group

For further reading on this topic we recommend:

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.