Turla turns PowerShell into a weapon in attacks against EU diplomats


A cyberespionage group believed to be from Russia is once again striking political targets, and this time, PowerShell scripts have been weaponized to increase the power of their attacks.

Turla, also known as Snake or Uroburos, has been active since at least 2008. The advanced persistent threat (APT) group was previously linked to a backdoor implanted in Germany’s Federal Foreign Office for the purposes of data exfiltration in 2017, alongside attacks against the US military, a defense contractor, and a variety of European government entities.

The Russian hacking group is rarely quiet for long, and now, the APT has returned with a fresh wave of attacks against diplomatic entities in Eastern Europe.

Read more…
Source: ZDNet