The investigators of Kaspersky firm that is based in Moscow stated that the tools used for an attack on SolarWinds were exploited by Turla hacking group that is stated to operate on behalf of Russia’s FSB.
However, Moscow denied the allegations; while the FSB did not respond at all.
Head of global research and analysis at Kaspersky Costin Raiu stated that the tool called Kazuar used at SolarWinds incident and by Turla hackers has three distinct similarities.
“One such finding could be dismissed. Two things definitely make me raise an eyebrow. Three is more than a coincidence,” Raiu said
The similarities include the way to obscure their functions from security analysts, how the hackers identified their victims, and the formula used to calculate periods when the viruses lay dormant in an effort to avoid detection.
It was also noted that tools used by both groups were purchased from the same spyware developer or it was the intention to mislead investigators.
In December 2020, the hack, targeting software made by US firm SolarWinds, was reported. However, it had been going on for months.
Watch review of Year 2020 here: