turla

Researchers have uncovered an extremely stealthy trojan for Linux systems that attackers have been using to siphon sensitive data from governments and pharmaceutical companies around the world.

The previously undiscovered malware represents a missing puzzle piece tied to “Turla,” a so-called advanced persistent threat (APT) disclosed in August by Kaspersky Lab and Symantec. For at least four years, the campaign targeted government institutions, embassies, military, education, research, and pharmaceutical companies in more than 45 countries. The unknown attackers—who are probably backed by a nation-state, according to Symantec—were known to have infected several hundred Windows-based computers by exploiting a variety of vulnerabilities, at least two of which were zero-day bugs. The malware was notable for its use of a rootkit that made it extremely hard to detect.

Now researchers from Moscow-based Kaspersky Lab have detected Linux-based malware used in the same campaign. Turla was already ranked as one of the top-tier APTs, in the same league as the recently disclosed Regin for instance. The discovery of the Linux component suggests it is bigger than previously thought and may presage the discovery of still more infected systems.

“The [Turla] operations are being carried out in broader environments than we previously knew,” Kaspersky Lab expert Kurt Baumgartner told Ars. “All the other stuff we’ve seen from Turla has been Windows based. This piece of the puzzle shows us that they do not limit themselves.”

[…]

Administrators who want to check for Turla-infected Linux systems can check outgoing traffic for connections to news-bbc.podzone[.]org or 80.248.65.183, which are the addresses of known command and control channels hardcoded into the Linux trojan. Admins can also build a signature using a tool called YARA that detects the strings “TREX_PID=%u” and “Remote VS is empty !”
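
The two checks described above (known command and control destinations in outgoing traffic, and the two strings inside files), sketched in Python as an added example that is not from the article or from Kaspersky Lab. The `dst=` log layout, the function names and the sample data are assumptions constructed for illustration, and the string check is a plain byte search rather than a YARA rule.

```python
import re

# Indicators quoted in the article above (hostname refanged for matching).
C2_HOSTS = {"news-bbc.podzone.org"}
C2_IPS = {"80.248.65.183"}
MARKER_STRINGS = (b"TREX_PID=%u", b"Remote VS is empty !")


def find_markers(data):
    """Return the marker strings present in a file's raw bytes."""
    return [m.decode() for m in MARKER_STRINGS if m in data]


def flag_connections(log_lines):
    """Return (line_no, destination) for lines whose dst= field is a listed C2.

    Assumes a key=value log layout with a dst= field (hypothetical format).
    Exact host/IP comparison avoids substring false positives such as
    180.248.65.183 or news-bbc.podzone.org.example.net.
    """
    hits = []
    for no, line in enumerate(log_lines, 1):
        m = re.search(r"\bdst=(\S+)", line)
        if not m:
            continue
        dst = m.group(1).replace("[.]", ".").lower()  # undo report defanging
        host = dst.rsplit(":", 1)[0] if dst.count(":") == 1 else dst  # drop :port
        host = host.rstrip(".")  # tolerate a fully qualified trailing dot
        if host in C2_HOSTS or host in C2_IPS:
            hits.append((no, host))
    return hits


# Constructed sample input (ports and sources are made up), not real telemetry.
SAMPLE_LOG = [
    "t=1 src=10.0.0.5 dst=198.51.100.20:443 proto=tcp",
    "t=2 src=10.0.0.9 dst=80.248.65.183:53 proto=udp",
    "t=3 src=10.0.0.9 dst=180.248.65.183:80 proto=tcp",
    "t=4 src=10.0.0.9 dst=News-BBC.podzone[.]org:80 proto=tcp",
    "t=5 src=10.0.0.7 dst=news-bbc.podzone.org.example.net:80 proto=tcp",
]
SAMPLE_BLOB = b"\x7fELF\x00...TREX_PID=%u\x00padding\x00Remote VS is empty !\x00"

if __name__ == "__main__":
    print(find_markers(SAMPLE_BLOB))
    print(flag_connections(SAMPLE_LOG))
```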

Recently, an interesting malicious sample was uploaded to a multi-scanner service. This immediately triggered our interest because it appears to represent a previously unknown piece of a larger puzzle. That puzzle is “Turla”, one of the most complex APTs in the world. The newly discovered Turla sample is unusual in the fact that it’s the first Turla sample targeting the Linux operating system that we have discovered.

New Linux Trojan 'Turla' Discovered


A rather nasty Linux Trojan has been discovered. It’s been used by hackers to steal personal, confidential information from government institutions, the military and pharmaceutical companies worldwide.

The malware dubbed “Turla” is written in C and C++ and contains code from other libraries. It uses a hidden network communication and is stripped of symbol information, which makes it real hard for…



Right Now | Mode with Lee Curreri | Official Videoclip in Los Angeles (by Mode MusicProject) My friends from Modica are the greatest!!!!!

Kaspersky Lab analyzes the link between Turla and Agent.BTZ

Kaspersky Lab's research and analysis team has discovered a link between Turla, the code name of a cyber-espionage operation, and the Agent.BTZ malware.
In 2008, Agent.BTZ infected the local network of the United States Central Command in the Middle East, causing what was then described as "the worst attack ever on United States military computers".

The experts…


My 1.5-year-old daughter says everything, and clearly, but unfortunately she has big problems with walking. She is chubby and lazy, and we were terribly worried that despite her age she had not yet taken her first step. Recently, at a family dinner, she was sitting and playing with toys on the floor. Her cousin of the same age, who has the opposite problem (he moves too much and speaks little), was running around her like crazy. He kept running in circles repeating “glupa sinia, sinia” (he meant “gruba świnia”, fat pig). Just as his mum was about to get up and explain to him that he was behaving badly, to everyone's astonishment my little girl stood up, took her first steps, hit the boy in the face and said loudly and clearly: “You don't say glupa sinia, it's gruba świnia, you dumb pr*ck.” My husband, a devoted fan of Kapitan Bomba, was rolling on the floor laughing, and I wanted to sink into the ground with shame as I felt my in-laws' eyes on me. YAFUD