The APT group Turla is known by many names including Krypton, MAKERSMARK, Snake, Uroburosk, Venomous Bear, Waterbug and WhiteBear, and is tracked by researchers. Turla is primarily known for its espionage activities. This time they’re back with the another malicious sample dropping malicious exe file samples to different users. Believed to be sponsored by the Russian FSB security service, Turla has been active since at least 2008 and while constantly evolving its own toolkit, has also been turning its attention towards the infrastructure and resources of other APTs.
Information theft and espionage