A step-by-step analysis of the Russian APT Turla backdoor called TinyTurla

Summary Turla is a Russian-based group that has impacted government, embassies, military, education, and research companies since 2004. Our analysis focuses on a backdoor called TinyTurla that was installed on an endpoint via a Windows Service. The list of C2 servers and a password used for authentication with the servers are stored in the Windows […]

A step-by-step analysis of the Russian APT Turla backdoor called TinyTurla Read More »