Kremlin Hack Groups Collaborate on Malware Attacks, Security Researchers Say
Two of the Kremlin's most active hacking units, Turla and Gamaredon, have been spotted collaborating in malware attacks targeting high-value devices in Ukraine, according to security researchers.
The collaboration was first detected by ESET, a leading cybersecurity firm, which reported that the two groups had worked together on several occasions since 2020. "We've seen evidence of Turla and Gamaredon sharing resources and expertise to launch more sophisticated attacks," said Ondrej Kubovic, an ESET researcher.
Turla is considered one of the world's most advanced persistent threats (APTs), known for its well-organized and well-funded operations targeting specific adversaries. The group has been linked to high-profile breaches, including those of the US Department of Defense in 2008 and more recently, the German Foreign Office and France's military.
Gamaredon, on the other hand, is a separate APT that conducts wider-scale operations often targeting organizations in Ukraine. While Turla takes pains to fly under the radar, Gamaredon has been known for its brazen attacks.
The collaboration between the two groups raises concerns about the increasing sophistication and coordination of Kremlin-backed hacking efforts. "This development suggests that the Kremlin is willing to pool resources and expertise to achieve its goals," said a Western security official, who spoke on condition of anonymity.
Background research reveals that both Turla and Gamaredon have been active in Ukraine for several years, with Turla targeting high-value targets such as government agencies and military installations. Gamaredon, meanwhile, has focused on broader attacks against Ukrainian organizations.
Security experts warn that the collaboration between these two groups could lead to more devastating attacks in the future. "The fact that they're working together means we can expect even more sophisticated and coordinated attacks," said Kubovic.
As the situation unfolds, security researchers are urging organizations to remain vigilant and take necessary precautions to protect themselves against these types of attacks. "We need to stay ahead of these groups by monitoring their activities closely and sharing intelligence with each other," said a cybersecurity expert who wished to remain anonymous.
In response to the news, Ukrainian officials have issued a statement calling for increased cooperation between governments and security agencies to combat cyber threats. The Kremlin has not commented on the allegations.
The collaboration between Turla and Gamaredon serves as a stark reminder of the growing threat posed by state-sponsored hacking groups. As the world grapples with the complexities of cybersecurity, this development underscores the need for international cooperation and information sharing to counter these threats.
*Reporting by Arstechnica.*
Kremlin Hackers Unite: Turla and Gamaredon Team Up for Ukraine Attacks
1
0
