ID | Votes | Profile Description |
---|---|---|
WhiteBear | 1 | WhiteBear is a threat actor that has been associated with the Turla group, also known as Snake, Venomous Bear, Uroburos, and WhiteBear. This association was established through strong links identified between a Crutch dropper from 2016 and Gazer, a second-stage backdoor used by Turla in 2016-2017. W |
ID | Type | Votes | Profile Description |
---|---|---|---|
Kazuar | Unspecified | 2 | Kazuar is a sophisticated multiplatform trojan horse malware, linked to the Russian-based threat group Turla (also known as Pensive Ursa, Uroburos, Snake), which has been operating since at least 2004. This group, believed to be connected to the Russian Federal Security Service (FSB), utilizes an ar |
ComRAT | Unspecified | 1 | ComRAT, also known as Agent.BTZ, is a potent malware that has evolved over the years to become a significant threat in the cybersecurity landscape. Developed using C++ and employing a virtual FAT16 file system, ComRAT is often used to exfiltrate sensitive documents. The malware is a remote access tr |
Crutch | Unspecified | 1 | Crutch is a sophisticated malware attributed to the Turla group, first discovered by ESET researchers in December 2020. It's considered a second-stage backdoor, achieving persistence through DLL hijacking. One notable feature of Crutch v4 is its ability to automatically upload files found on local a |
ID | Type | Votes | Profile Description |
---|---|---|---|
Turla | Unspecified | 3 | Turla, also known as Pensive Ursa, is a sophisticated threat actor linked to Russia that has been active for many years. The group is known for its advanced cyber-espionage capabilities and has been associated with numerous high-profile breaches. According to the MITRE ATT&CK and MITRE Ingenuity dat |
Pensive | Unspecified | 1 | Pensive Ursa, also known as Turla or Uroburos, is a Russian-based threat group that has been active since at least 2004 and is linked to the Russian Federal Security Service (FSB). The group employs advanced and stealthy tools like Kazuar, a .NET backdoor used as a second stage payload. In 2023, Pen |
Pensive Ursa | Unspecified | 1 | Pensive Ursa, also known as Turla, Uroburos, Venomous Bear, and Waterbug, is a Russian-based advanced persistent threat (APT) group that has been operating since at least 2004. The group, linked to the Russian Federal Security Service (FSB), is renowned for its sophisticated cyber-espionage activiti |
ID | Type | Votes | Profile Description |
---|---|---|---|
No associations to display |
Source | CreatedAt | Title |
---|---|---|
CERT-EU | 5 months ago | Jan Marsalek an Agent for Russia? The Double Life of the former Wirecard Executive |
DARKReading | 9 months ago | Upgraded Kazuar Backdoor Offers Stealthy Power |
Trend Micro | 10 months ago | Examining the Activities of the Turla APT Group |
Unit42 | 10 months ago | Threat Group Assessment: Turla (aka Pensive Ursa) |
MITRE | a year ago | A dive into Turla PowerShell usage | WeLiveSecurity |
MITRE | a year ago | Turla Crutch: Keeping the “back door” open | WeLiveSecurity |