Names | TurlaChopper | |
Category | Malware | |
Type | Backdoor | |
Description | (ESET) In addition to NETVulture, on the Microsoft Exchange server of the same Ministry, we found a variant of the China Chopper webshell we called TurlaChopper. We believe that the initial access leveraged a remote code execution vulnerability in the Exchange server program, namely CVE-2020-0688. | |
Information | <https://www.welivesecurity.com/wp-content/uploads/2021/05/eset_threat_report_t12021.pdf> |
Last change to this tool card: 10 February 2022
Download this tool card in JSON format
Changed | Name | Country | Observed | ||
APT groups | |||||
Turla, Waterbug, Venomous Bear | 1996-Dec 2023 |
1 group listed (1 APT, 0 other, 0 unknown)
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |