Turla group adds more malware to Russia’s espionage efforts against Ukraine
ID: aec9b9d6-e72d-57bb-b045-e22c2e3ca27d
STIX ID: report--aec9b9d6-e72d-57bb-b045-e22c2e3ca27d
Feed Name: The Record from Recorded Future News
Google researchers report that Turla (aka Secret Blizzard/Venomous Bear) has developed and deployed a covert malware family named StockStay since at least December 2022 to conduct espionage against Ukrainian government and military organizations and select European targets; the malware mimics legitimate applications, reuses code from the Kazuar framework, and the group distributed it via phishing messages that included malicious RDP configuration files and diplomatic/academic-themed lures.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
