The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense Cyber National Mission Force (CNMF) have identified a malware variant—referred to as ComRAT—used by the Russian-sponsored advanced persistent threat (APT) actor Turla. In addition, U.S. Cyber Command has released the malware sample to the malware aggregation tool and repository, VirusTotal.
CISA encourages users and administrators to review Malware Analysis Report MAR-10310246-2.v1 and U.S. Cyber Command’s VirusTotal page for more information.
Russian state-sponsored cyber actors have targeted ministries of foreign affairs & national parliaments to spy, steal data, & install malware. With our partners @CISAgov & @FBI, @US_CYBERCOM persistently enables cyber defense for the nation. https://t.co/ulAkObBrGI #trickortreat https://t.co/FCL6WmWkMd
— U.S. Cyber Command (@US_CYBERCOM) October 29, 2020
Read more…
Source: U.S. Cybersecurity and Infrastructure Security Agency
Related story: CISA and CNMF Identify a New Malware Variant: Zebrocy