
Exposed: Russia's Turla and Gamaredon Hacking Groups Collaborate, Coordinated by FSB

Two powerful Russian hacking groups join forces. FSB coordination lets them exploit a wider range of targets and techniques, posing a significant threat to Ukraine and potentially other nations.

Russian hacking groups Turla and Gamaredon have been exposed working together, orchestrated by Russia's Federal Security Service (FSB). This collaboration, first documented in Ukraine, involves two state-sponsored groups with distinct tactics and targets.

Gamaredon, active since 2013, is the most prolific state-backed threat actor targeting Ukraine, going after government services and defense enterprises. It uses spearphishing and infected removable drives for initial compromise. Turla, active since 2004, is known for sophisticated espionage, focusing on specific machines that hold highly sensitive intelligence.

Both groups have a history of working with or through other actors: Gamaredon previously worked with InvisiMole, and Turla has hijacked other groups' infrastructure. In four cases, the two compromised the same Ukrainian machines, with Gamaredon deploying custom tools and Turla installing its Kazuar v3 backdoor. In at least one instance, Turla even used Gamaredon's infrastructure to remotely restart its malware.

The FSB's involvement in coordinating Turla and Gamaredon's operations is clear, with a history of collaboration dating back to the Cold War era. This cooperation allows them to exploit a broader range of targets and techniques, posing a significant threat to Ukraine and potentially other nations.
