G0010
G0010Turla
Description
[Turla](https://attack.mitre.org/groups/G0010) is a cyber espionage threat group that has been attributed to Russia's Federal Security Service (FSB). They have compromised victims in over 50 countries since at least 2004, spanning a range of industries including government, embassies, military, education, research and pharmaceutical companies. [Turla](https://attack.mitre.org/groups/G0010) is known for conducting watering hole and spearphishing campaigns, and leveraging in-house tools and malware, such as [Uroburos](https://attack.mitre.org/software/S0022).(Citation: Kaspersky Turla)(Citation: ESET Gazer Aug 2017)(Citation: CrowdStrike VENOMOUS BEAR)(Citation: ESET Turla Mosquito Jan 2018)(Citation: Joint Cybersecurity Advisory AA23-129A Snake Malware May 2023)
References
- https://attack.mitre.org/groups/G0010
- https://www.accenture.com/us-en/blogs/cyber-defense/turla-belugasturgeon-compromises-government-entity
- https://blog.talosintelligence.com/2021/09/tinyturla.html
- https://www.welivesecurity.com/wp-content/uploads/2018/01/ESET_Turla_Mosquito.pdf
- https://www.welivesecurity.com/wp-content/uploads/2017/08/eset-gazer.pdf
- https://www.welivesecurity.com/2019/05/29/turla-powershell-usage/
- https://www.cisa.gov/sites/default/files/2023-05/aa23-129a_snake_malware_2.pdf
- https://securelist.com/introducing-whitebear/81638/
- https://securelist.com/the-epic-turla-operation/65545/
- https://www.leonardo.com/documents/20142/10868623/Malware+Technical+Insight+_Turla+%E2%80%9CPenquin_x64%E2%80%9D.pdf
Software attributed to this10
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Software | Penquins0587 | 100% | live |
| Software | Carbons0335 | 100% | live |
| Software | Epics0091 | 100% | live |
| Software | HyperStacks0537 | 100% | live |
| Software | Urobuross0022 | 100% | live |
| Software | TinyTurlas0668 | 100% | live |
| Software | Mosquitos0256 | 100% | live |
| Software | Gazers0168 | 100% | live |
| Software | IronNetInjectors0581 | 100% | live |
| Software | PowerStallions0393 | 95% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.