Experts Uncover ‘Crutch’ Russian Malware Used in APT Attacks for 5 Years

December 2, 2020

Cybersecurity researchers today took the wraps off a previously undocumented backdoor and document stealer that has been deployed against specific targets from 2015 to early 2020.

Codenamed “Crutch” by ESET researchers, the malware has been attributed to Turla (aka Venomous Bear or Snake), a Russia-based advanced hacker group known for its extensive attacks against governments, embassies, and military organizations through various watering hole and spear-phishing campaigns.

“These tools were designed to exfiltrate sensitive documents and other files to Dropbox accounts controlled by Turla operators,” the cybersecurity firm said in an analysis shared with The Hacker News.

The backdoor implants were secretly installed on several machines belonging to the Ministry of Foreign Affairs in an unnamed country of the European Union.

Besides showing strong links between a Crutch sample from 2016 and Gazer, another second-stage backdoor used by Turla, the latest malware in the group’s diverse toolset points to its continued focus on espionage and reconnaissance against high-profile targets.

Crutch is delivered either via the Skipper suite, a first-stage implant previously attributed to Turla, or a post-exploitation agent called PowerShell Empire, with two different versions of the malware spotted before and after mid-2019.

The earlier version included a backdoor that communicates with a hardcoded Dropbox account using the official HTTP API to receive commands and upload the results, whereas the newer variant (“Crutch v4”) eschews that setup for a new feature that can automatically upload the files found on local and removable drives to Dropbox by using the Windows Wget utility.

“The sophistication of the attacks and technical details of the discovery further strengthen the perception that the Turla group has considerable resources to operate such a large and diverse arsenal,” said ESET researcher Matthieu Faou.

“Furthermore, Crutch is able to bypass some security layers by abusing legitimate infrastructure — here, Dropbox – in order to blend into normal network traffic while exfiltrating stolen documents and receiving commands from its operators.”
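Because this traffic goes to legitimate Dropbox infrastructure, destination reputation alone will not separate it from normal sync activity; the process making the request is the useful signal. The following detection sketch is an added example, not code from ESET or The Hacker News: it flags Dropbox API calls made by anything other than the sanctioned client, with a higher severity for command-line transfer tools such as Wget. The telemetry field names, the allowed client path and the sample events are assumptions constructed for illustration.

```python
import json

# Public Dropbox HTTP API hosts.
DROPBOX_API_HOSTS = {"api.dropboxapi.com", "content.dropboxapi.com"}
# Assumption: the one binary path expected to call the Dropbox API on this fleet.
ALLOWED_PATHS = {r"c:\program files (x86)\dropbox\client\dropbox.exe"}
# Generic transfer utilities; the article names Wget for Crutch v4.
TRANSFER_TOOLS = {"wget.exe", "curl.exe"}

# Constructed sample telemetry (process joined with outbound HTTP), one JSON object per line.
SAMPLE_EVENTS = r"""
{"host": "ws-014", "image": "C:\\Program Files (x86)\\Dropbox\\Client\\Dropbox.exe", "dest": "content.dropboxapi.com", "method": "POST"}
{"host": "ws-022", "image": "C:\\Users\\Public\\wget.exe", "dest": "content.dropboxapi.com", "method": "POST"}
{"host": "ws-022", "image": "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe", "dest": "www.dropbox.com", "method": "GET"}
{"host": "ws-031", "image": "C:\\Users\\alice\\AppData\\Local\\Temp\\dropbox.exe", "dest": "api.dropboxapi.com", "method": "POST"}
"""


def binary_name(image):
    """Lower-cased file name of a Windows image path."""
    return image.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def classify(event):
    """Return 'high', 'medium', or None for one telemetry record."""
    if event["dest"].lower() not in DROPBOX_API_HOSTS:
        return None  # not Dropbox API traffic
    if event["image"].lower() in ALLOWED_PATHS:
        return None  # the sanctioned sync client at its expected path
    # A command-line transfer tool pushing data to the API is the v4 pattern.
    if binary_name(event["image"]) in TRANSFER_TOOLS and event["method"].upper() in {"POST", "PUT"}:
        return "high"
    # Any other unsanctioned caller, including a look-alike dropbox.exe elsewhere on disk.
    return "medium"


def detect(raw):
    """Parse JSON-lines telemetry and return (host, binary, dest, severity) findings."""
    findings = []
    for line in raw.splitlines():
        if not line.strip():
            continue
        event = json.loads(line)
        severity = classify(event)
        if severity:
            findings.append((event["host"], binary_name(event["image"]), event["dest"], severity))
    return findings


if __name__ == "__main__":
    for finding in detect(SAMPLE_EVENTS):
        print(finding)
```

Matching on the full image path rather than the file name is what catches the renamed binary in the last sample event; in production the allowlist would also check the code-signing publisher.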


Credit: The Hacker News By: noreply@blogger.com (Ravie Lakshmanan)
