Kremlin Hackers Unite: Two Elite Groups Launch Joint Malware Assaults on Ukraine

Kremlin Hack Groups Collaborate on Malware Attacks, Security Firms Say In a worrying development for global cybersecurity, two of the Kremlin's most active hacking units have been spotted collaborating in malware attacks targeting high-value devices in Ukraine, security researchers announced Friday. The collaboration between Turla and Gamaredon, both advanced persistent threats (APTs) backed by nation-states, has raised concerns about the sophistication and scope of cyberattacks. According to ESET, a leading cybersecurity firm, the two groups have been working together to compromise sensitive devices in Ukraine. "Turla is one of the most sophisticated APTs out there," said Anton Cherepanov, a senior researcher at ESET. "Their ability to fly under the radar and conduct narrowly targeted attacks makes them a formidable opponent." Turla has been linked to high-profile breaches, including those targeting the US Department of Defense in 2008 and more recently, the German Foreign Office and France's military. The group is known for using stealthy Linux malware and satellite-based Internet links to maintain the secrecy of its operations. Gamaredon, on the other hand, has been involved in wider-scale operations, often targeting organizations in Ukraine. While Turla takes pains to keep a low profile, Gamaredon has been more aggressive in its attacks. The collaboration between the two groups is seen as a significant escalation in cyberattacks. "This partnership highlights the growing sophistication of nation-state-backed hacking groups," said Cherepanov. "It's a worrying trend that requires immediate attention from governments and cybersecurity experts." Background on Turla and Gamaredon: Turla, also known as Uroburos, is considered one of the most advanced APTs in the world. Founded in 2008, the group has been linked to several high-profile breaches, including those targeting the US Department of Defense and European government agencies. Gamaredon, on the other hand, is a relatively new player in the cyberattack scene. The group emerged in 2017 and has since targeted organizations in Ukraine, often using phishing attacks and malware to compromise sensitive devices. International Perspectives: The collaboration between Turla and Gamaredon has raised concerns among cybersecurity experts worldwide. "This partnership highlights the growing threat of nation-state-backed hacking groups," said a spokesperson for the European Union's Agency for Network and Information Security (ENISA). "We urge governments and organizations to take immediate action to protect themselves against these threats." Current Status: The collaboration between Turla and Gamaredon is ongoing, with security researchers warning that the two groups may continue to work together on future attacks. As cybersecurity experts scramble to respond to this new threat, governments and organizations are urged to take immediate action to protect themselves against these sophisticated hacking groups. Attributions: Anton Cherepanov, senior researcher at ESET ENISA spokesperson European Union's Agency for Network and Information Security (ENISA) *Reporting by Arstechnica.*