tinyturla (2)

9621446463?profile=RESIZE_400xA Russian-linked group known as Turla has been deploying a secondary backdoor against numerous targets to maintain persistence within compromised devices even after the primary malware has been discovered and removed from the infrastructure, according to a research report released by Cisco Talos this week.

The newly discovered backdoor, which the researchers call "TinyTurla," has been deployed against targets in the U.S. and Germany over the last two years. More recently, however, Turla has used

9604849262?profile=RESIZE_400xActivity Summary - Week Ending 24 September 2021:

  • Red Sky identified 28,838 connections from new unique IP addresses connecting to our Sinkholes
  • Analysts identified 1,253 new IP addresses participating in various botnets
  • Zeppelin Ransomware
  • Russian TinyTurla
  • CloudAtlas
  • WSL Malware Loaders
  • AT&T network hacker – Convicted
  • Suex & Ransomware Laws
  • Fake Vaccine Passports
  • Real Estate Brokerage Firm Hit

Report link: IR-21-267-001_weekly_267_FINAL.pdf