Russian-backed Turla cyber-espionage group used stolen malware and hijacked infrastructure from Iranian-sponsored OilRig to attack targets from dozens of countries. Turla is an advanced threat group tracked by security outfits as Waterbug, Snake, WhiteBear, VENOMOUS BEAR, and Kypton, an advanced persistent threat (APT) group with a wide range of victims, from military and government to education and research entities. Turla used victim networks previously compromised using Snake to find servers infected with the ASPX shells in at least 35 countries including Saudi Arabia, Kuwait, Qatar and UAE.
Source: https://www.bleepingcomputer.com/news/security/russian-hackers-use-iranian-threat-groups-tools-servers-as-cover/

