Secret Blizzard’s Spy-Fi: Turla’s Sneaky Hack Attack on Moscow’s Embassies
Turla, the Russian state hacker group, has found a new way to spice up their espionage game. By using Russia’s internet providers like their own personal toolbox, they’ve tricked embassy staff in Moscow into downloading spyware disguised as security updates. Who knew your ISP could be such a sneaky accomplice?

Hot Take:
The Russian hacker group Turla, often seen as the James Bond of cyber-espionage, has now whipped out a new gadget from their bag of tricks that would make even Q proud. Instead of elaborate subterfuge, they’ve adopted a more ‘door-to-door salesman’ approach by using Russia’s ISPs to directly sell spyware to embassy staff in Moscow. And unlike your typical salesman’s pitch, theirs is more of a ‘Hey, can I interest you in some malware?’

Key Points:
- Turla, a Russian hacker group linked to the FSB, used Russian ISPs to plant spyware directly on targets’ computers.
- The technique exploits captive portals to trick users into downloading malware disguised as a security update.
- The malware, ApolloShadow, disables encryption, leaving communications vulnerable.
- This approach combines passive surveillance with targeted hacking, blurring espionage lines.
- Microsoft advises using VPNs and multifactor authentication to counteract such ISP-based espionage.