 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: Satellite Turla| Names | Satellite Turla | |
| Category | Malware | |
| Type | Backdoor, Tunneling | |
| Description | (Kaspersky) The regular usage of satellite-based Internet links by the Turla group represents an interesting aspect of their operation. The links are generally up for several months, but never for too long. It is unknown if this is due to operational security limitations self-imposed by the group or because of shutdown by other parties due to malicious behavior. The technical method used to implement these Internet circuits relies on hijacking downstream bandwidth from various ISPs and packet-spoofing. This is a method that is technically easy to implement, and provides a much higher degree of anonymity than possibly any other conventional method such as renting a VPS or hacking a legitimate server. | |
| Information | <https://securelist.com/satellite-turla-apt-command-and-control-in-the-sky/72081/> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.satellite_turla> | |
| AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:satellite> | |
Last change to this tool card: 24 April 2021
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
| Turla, Waterbug, Venomous Bear |  | 1996-Dec 2023 | |||
1 group listed (1 APT, 0 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |