Feedback

Attackers of SolarWinds use same tools as Russian hackers

Source : 112 Ukraine

The investigators of Kaspersky firm that is based in Moscow stated that the tools used for attack on SolarWinds were exploited by Turla hacking group that is stated to operate on behalf of Russia’s FSB
17:40, 11 January 2021

cyber security
Reuters

The group of hackers, which earlier attacked SolarWinds Company, used the tools earlier exploited by Russian hackers as Reuters reported.

The investigators of Kaspersky firm that is based in Moscow stated that the tools used for an attack on SolarWinds were exploited by Turla hacking group that is stated to operate on behalf of Russia’s FSB.

However, Moscow denied the allegations; while the FSB did not respond at all.

Related: U.S. intelligence states on massive cyber attack on govt structures

Head of global research and analysis at Kaspersky Costin Raiu stated that the tool called Kazuar used at SolarWinds incident and by Turla hackers has three distinct similarities.

“One such finding could be dismissed. Two things definitely make me raise an eyebrow. Three is more than a coincidence,” Raiu said

The similarities include the way to obscure their functions from security analysts, how the hackers identified their victims, and the formula used to calculate periods when the viruses lay dormant in an effort to avoid detection.

Related: Biden prepares tough move against Russia for its possible involvement in cyber attacks last week

It was also noted that tools used by both groups were purchased from the same spyware developer or it was the intention to mislead investigators.

In December 2020, the hack, targeting software made by US firm SolarWinds, was reported. However, it had been going on for months. 

Watch review of Year 2020 here:

 

Topics:
Система Orphus

If you find an error, highlight the desired text and press Ctrl + Enter, to tell about it

Comments
see more