ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool Satellite Turla

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: Satellite Turla

NamesSatellite Turla
CategoryMalware
TypeBackdoor, Tunneling
Description(Kaspersky) The regular usage of satellite-based Internet links by the Turla group represents an interesting aspect of their operation. The links are generally up for several months, but never for too long. It is unknown if this is due to operational security limitations self-imposed by the group or because of shutdown by other parties due to malicious behavior.

The technical method used to implement these Internet circuits relies on hijacking downstream bandwidth from various ISPs and packet-spoofing. This is a method that is technically easy to implement, and provides a much higher degree of anonymity than possibly any other conventional method such as renting a VPS or hacking a legitimate server.
Information<https://securelist.com/satellite-turla-apt-command-and-control-in-the-sky/72081/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.satellite_turla>
AlienVault OTX<https://otx.alienvault.com/browse/pulses?q=tag:satellite>

Last change to this tool card: 24 April 2021

Download this tool card in JSON format

All groups using tool Satellite Turla

ChangedNameCountryObserved

APT groups

 Turla, Waterbug, Venomous BearRussia1996-Dec 2023 

1 group listed (1 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]