Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Russian state Hacker, known as Turla, has implemented some of the most innovative piracy tragedies on the date of electronic registration, Hide malware communications in satellite communications or Kidnapping other infiltrators to avoid extracting their data. However, when they are working on home grass, it turned out that they tried a great approach, if it was more clear, it seems that they used their control over Internet service providers to plant spyware directly on computers of their targets in Moscow.
The Microsoft Safety Research Team focused on penetration of the threats today, a report showing the detail of a new treacherous spy technology used by Turla, which is believed to be part of the FSB intelligence agency in the Kremlin. The group, also known as snakes, toxic bear, or Microsoft name, SECRET BLIZZARD, has used its arrival on which the country relies on Russian Internet service providers to intervene with Internet traffic and deception victims working in foreign embassies working in Moscow to install the group malware on their computers. Then the spyware continued to disrupt the encryption on the machines of those goals so that the data that were transferred online remained unacceptable, leaving their contacts and adoption data such as user names and passwords are completely vulnerable to monitoring by these internal provisions themselves – and any government monitoring agency that cooperates with them.
This technology represents a rare mix of piracy targeted for spying and the most elderly governments, and the most negative for collective monitoring, as spying agencies and toured them through ISPS data and communications to the survey targets. “This blocked the boundaries between negative monitoring and actual infiltration,” says Degrovo.
For this designated group of infiltrators, DeGRIPPO adds, and it suggests a strong new weapon in their arsenal to target anyone within the borders of Russia. “This is possible to explain how they think about the communications infrastructure in Russia as part of their tool group,” she says.
According to Microsoft researchers, TURLA technology takes advantage of a specific webpage browser when you face a “captive gate”, and windows are commonly used to access the Internet in settings such as airports, aircraft or cafes, but also within some companies and government agencies. In Windows, these captive gates continue to a specific Microsoft website to check that the user’s computer is actually online. (It is not clear whether the captive gates used to penetrate the turly victims in reality were actually legitimacy routinely used by the targeted embassies or those imposed by Turla in some way on users as part of their piracy technology.)
By taking advantage of its control over the Internet service providers that connect some foreign embassy employees to the Internet, TURLA managed to redirect the goals until they saw an error message that prompted them to download an update for the browser encryption certificates before they could reach the web. When one of the reassured users agreed, they instead installed a piece of harmful programs that Microsoft Apolloshadow, some of which were incomprehensible – such as Kaspersky security update.
Apolloshadow programs will mainly disrupt the browser encryption, and to strip the coding protection silently for all the web data that the computer transmits and receives. Degrippo says this relatively simple absurdity was likely to be difficult to discover from a complete piece of spyware, with the same result.
