The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense Cyber National Mission Force (CNMF) have identified a malware variant—referred to as ComRAT—used by the Russian-sponsored advanced persistent threat (APT) actor Turla. In addition, U.S. Cyber Command has released the malware sample to the malware aggregation tool and repository, VirusTotal.
Russian state-sponsored cyber actors have targeted ministries of foreign affairs & national parliaments to spy, steal data, & install malware. With our partners @CISAgov & @FBI, @US_CYBERCOM persistently enables cyber defense for the nation. https://t.co/ulAkObBrGI #trickortreat https://t.co/FCL6WmWkMd
— U.S. Cyber Command (@US_CYBERCOM) October 29, 2020
Source: U.S. Cybersecurity and Infrastructure Security Agency
Related story: CISA and CNMF Identify a New Malware Variant: Zebrocy