New details on Sunburst backdoor used in SolarWinds supply-chain attack potentially link it to Turla advanced persistent threat (APT) group. Researchers at Kaspersky have uncovered several code similarities between Sunburst and the Kazuar backdoor. The overlapping features include a sleeping algorithm, the FNV-1a hash; and the algorithm used to generate unique IDs (UIDs) for victims. The malware has been consistently used together with known Turla tools during multiple breaches in the past three years.
Source: https://threatpost.com/solarwinds-hack-linked-turla-apt/162918/