LightNeuron

Malware updated 4 months ago (2024-05-16T20:17:36.150Z)
Download STIX
Preview STIX
LightNeuron is a sophisticated malware developed by the Turla group, known for its complex and custom cyber threats. It shares operational similarities with LunarMail, another Turla backdoor, in that it uses email messages for command and control (C&C) purposes. The malware infects systems through suspicious downloads, emails, or websites without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or even hold data hostage for ransom. The Turla group demonstrated its ongoing development of intricate malware through LightNeuron. Analysis indicated that the operators used the free email provider GMX, as they did in previous attacks involving Outlook Backdoor and LightNeuron. Interestingly, they also used the name of a real employee of the targeted organization in the email address, further demonstrating their advanced tactics to evade detection and increase the success rate of their attacks. In a simulated attack scenario, Turla's LightNeuron implant was covertly installed as a Microsoft Exchange Transport Agent on the second day of testing. This action-specific malware, along with others such as EPIC and SNAKE, focused on kernel and Microsoft Exchange exploitation. The ultimate goal of this stealthy installation was to exfiltrate the user’s emails, showcasing the potential severity of a LightNeuron infection.
Description last updated: 2024-05-16T20:16:11.684Z
What's your take? (Question 1 of 2)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Turla
3
Turla, a threat actor linked to Russia, is known for its sophisticated cyber-espionage activities. It has been associated with numerous high-profile attacks, employing innovative techniques and malware to infiltrate targets and execute actions with malicious intent. According to MITRE ATT&CK and MIT
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Malware
Backdoor
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Source Document References
Information about the LightNeuron Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
ESET
4 months ago
To the Moon and back(doors): Lunar landing in diplomatic missions
CERT-EU
a year ago
BlackBerry AI Cybersecurity Effective Against Turla | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
CERT-EU
a year ago
Matthieu Faou | WeLiveSecurity
MITRE
2 years ago
A dive into Turla PowerShell usage | WeLiveSecurity
CERT-EU
a year ago
Министерство юстиции США заявило, что оно нарушило работу одного из самых сложных кибершпионских инструментов