Satellite Turla

Description

(Kaspersky) The regular usage of satellite-based Internet links by the Turla group represents an interesting aspect of their operation. The links are generally up for several months, but never for too long. It is unknown if this is due to operational security limitations self-imposed by the group or because of shutdown by other parties due to malicious behavior.

The technical method used to implement these Internet circuits relies on hijacking downstream bandwidth from various ISPs and packet-spoofing. This is a method that is technically easy to implement, and provides a much higher degree of anonymity than possibly any other conventional method such as renting a VPS or hacking a legitimate server.

Names

Name
Satellite Turla

Type

Backdoor
Tunneling

Information

https://securelist.com/satellite-turla-apt-command-and-control-in-the-sky/72081/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.satellite_turla

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:satellite

Other Information

Uuid

007e9044-248a-4e7c-a121-c3b813ffe703

Last Card Change

2021-04-24

Threat Intelligence Garden

Explorer

Satellite Turla

Satellite Turla

Description

Names

Category

Type

Information

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks