Date of report
- January 2023
Affiliations
A Russian threat actor, Turla, used defunct command and control website domains to reactivate dormant backdoors installed before 2013 by criminal hackers. Turla then downloaded new information-stealing malware on the infected networks to identify whether they would be valuable for espionage.
Suspected victims
- Ukrainian organizations
Suspected state sponsor
- Russian Federation
Type of incident
- Espionage
Target category
- Private sector
Read more