"Microsoft Exchange Servers Compromised by Turla APT"

Turla, also known as Secret Blizzard, Snake, and UAC-0003, has been targeting defense sector organizations in Ukraine and Eastern Europe with DeliveryCheck and Kazuar backdoors and infostealers. The group has also been controlling them with compromised Microsoft Exchange servers. It is believed that the Russian state is behind the sophisticated and persistent Advanced Persistent Threat (APT) group Turla, which has been active for over a decade. The group has been linked to many attacks against government and military organizations, as well as cyber espionage campaigns against other organizations with information the Russian government may find useful. This article continues to discuss recent findings regarding the Turla APT group.

Help Net Security reports "Microsoft Exchange Servers Compromised by Turla APT"