ESET researchers unveil a previously undocumented backdoor and document stealer that has been deployed against specific targets from 2015 to early 2020. The malware has been attributed to Turla (aka Venomous Bear or Snake), a Russia-based advanced hacker group known for its extensive attacks against governments, embassies, and military organizations. The latest malware in Turla’s diverse toolset points to the group’s continued focus on espionage and reconnaissance against high-profile targets. The backdoor implants were secretly installed on several machines belonging to the Ministry of Foreign Affairs in an unnamed EU country.
Source: https://thehackernews.com/2020/12/experts-uncover-crutch-russian-malware.html