"Turla Group Deploys LunarWeb and LunarMail Backdoors in Diplomatic Missions"

Two previously undocumented backdoors, "LunarWeb" and "LunarMail," targeted an unnamed European Ministry of Foreign Affairs (MFA) and its three diplomatic missions in the Middle East. ESET attributed the activity to the Russia-aligned cyber espionage group "Turla" with medium confidence, citing tactical overlaps with previous campaigns. Turla, an Advanced Persistent Threat (APT) found to be affiliated with Russia's Federal Security Service (FSB), has been active since at least 1996. It has targeted government, embassies, military, education, research, and pharmaceutical industries. This article continues to discuss the Turla group and its deployment of LunarWeb and LunarMail backdoors. 

THN reports "Turla Group Deploys LunarWeb and LunarMail Backdoors in Diplomatic Missions"

Submitted by grigby1

Submitted by grigby1 CPVI on