
A new report by security researchers revealed that Russian hackers had been piggybacking on the infections of other hackers to gain access to sensitive data.

Agent.btz, a dangerous piece of malware that spread through USB drives inserted by unwary Pentagon employees and then propagated throughout US Department of Defense systems, was created by the Russian cyberespionage group Turla, which gained notoriety in 2008.

Fifteen years later, the same organisation is attempting a new variation on that tactic: using other hackers’ USB infections as a jumping-off point, piggybacking on those infections to covertly select its spying targets.

John Hultquist, who oversees intelligence analysis at Mandiant, said it demonstrates how the Russian group’s techniques have advanced and gotten significantly more sophisticated over the previous 15 years.

“Because the malware already proliferated through USB, Turla can leverage that without exposing themselves. Rather than use their own USB tools like agent.btz, they can sit on someone else’s,” Hultquist said. 

“They’re piggybacking on other people’s operations. It’s a really clever way of doing business,” he added.

Last week, cybersecurity company Mandiant disclosed that it had discovered a case in which Turla’s hackers—widely believed to work for Russia’s FSB intelligence agency—allegedly gained access to victim networks by registering the expired domains of nearly ten-year-old cybercriminal malware that was disseminated via infected USB drives.

That hijacking method seems to be intended to allow Turla to operate undetected while snooping across many networks and disguising itself inside the tracks of other hackers.

Since Russia’s disastrous invasion of Ukraine last February, Ukraine has become a key target for all Kremlin intelligence services, and it was there that Mandiant first learned about Turla’s novel method.

The tactics employed by Turla highlight the advanced capabilities available to state-sponsored hackers and their willingness to use any means necessary to gain access to their desired targets. 
