Kremlin's Top Hackers Unite: Turla and Gamaredon Join Forces on Ukraine Malware Attacks

Kremlin Hack Groups Collaborate on Ukraine Malware Attacks Security researchers have discovered that two of the Kremlin's most active hacking units, Turla and Gamaredon, are collaborating on malware attacks targeting high-value devices in Ukraine. The collaboration was revealed by ESET, a leading cybersecurity firm, which has been tracking the groups' activities. According to ESET, Turla is one of the world's most sophisticated advanced persistent threats (APTs), known for its stealthy Linux malware and satellite-based Internet links that maintain the secrecy of its operations. The group has been linked to high-profile breaches, including those of the US Department of Defense in 2008 and more recently, the German Foreign Office and France's military. Gamaredon, on the other hand, is a separate APT known for conducting wider-scale operations, often targeting organizations in Ukraine. While Turla takes pains to fly under the radar, Gamaredon has been accused of using more aggressive tactics. "ESET's research shows that these two groups are working together to compromise high-value devices in Ukraine," said Ondrej Kubovic, ESET's lead researcher on the case. "This collaboration is a new development and highlights the increasing sophistication of state-sponsored hacking operations." The collaboration between Turla and Gamaredon has significant implications for global cybersecurity. "This partnership between two APTs demonstrates the growing complexity of cyber threats," said John Hultquist, vice president of intelligence at FireEye. "It's essential that governments and organizations take a more proactive approach to defending against these types of attacks." The background of Turla and Gamaredon is rooted in their nation-state sponsorship. Both groups are believed to be backed by the Kremlin, with Turla being one of the most well-funded and organized APTs in the world. "This collaboration between two APTs demonstrates the growing complexity of cyber threats," said Hultquist. "It's essential that governments and organizations take a more proactive approach to defending against these types of attacks." The current status of the malware attacks is unclear, but ESET has warned that the collaboration between Turla and Gamaredon poses a significant threat to global cybersecurity. As the situation continues to unfold, experts warn that the collaboration between Turla and Gamaredon may be just the tip of the iceberg. "This partnership highlights the need for increased cooperation between governments and organizations to combat state-sponsored hacking operations," said Kubovic. Background: Turla is a well-known APT that has been linked to high-profile breaches, including those of the US Department of Defense in 2008 and more recently, the German Foreign Office and France's military. The group is known for its sophisticated malware and use of satellite-based Internet links to maintain secrecy. Gamaredon, on the other hand, is a separate APT that has been accused of using aggressive tactics to compromise organizations in Ukraine. Additional Perspectives: Experts warn that the collaboration between Turla and Gamaredon poses a significant threat to global cybersecurity. "This partnership highlights the need for increased cooperation between governments and organizations to combat state-sponsored hacking operations," said Kubovic. The situation has sparked concerns among international experts, who are calling for greater cooperation to combat cyber threats. Current Status: The current status of the malware attacks is unclear, but ESET has warned that the collaboration between Turla and Gamaredon poses a significant threat to global cybersecurity. *Reporting by Arstechnica.*