Cybersecurity researchers at ESET have identified an undocumented backdoor and document stealer, dubbed “Turla Crutch” by its founder. The backdoor is attributed to the notorious Russian hacker group Turla.
The experts reported that this backdoor was in use from 2015 to early 2020. The researchers noted that this malware family has been used only against a very common target, which is quite common for Turla tools.
Moreover, the experts have also seen Crutch on the network of a Ministry of Foreign Affairs in a country of the European Union. ESET's researchers found a link between a 2016 dropper for this malware and a second-stage backdoor that the cyber-espionage group was using in 2016-2017.
Similarities
According to the report, the following similarities have been found in this malware:
- Both samples were dropped at C:\Intel\~intel_upd.exe on a similar machine…