One of the highest-tier Russian hacking groups goes by the name Turla. They are believed to be funded by the Russian government and are likely involved in all kinds of operations that aim at serving Russian interests abroad. President Putin has denied using the services of hackers countless times, but evidence gathered by cybersecurity experts would suggest otherwise. In 2017, the Turla hacking group carried out a particularly vicious campaign that targeted companies operating in the United Kingdom. This operation used three of Turla’s hacking tools – Neuron, Nautilus, and the Snake rootkit. It is important to note that the Neuron threat does not belong to the LightNeuron malware family, which has also been developed by the Turla hacking group.
Campaigns in the United Kingdom and Eastern Europe
Analysis of this campaign made it evident that the Turla hacking group opted to use the Neuron malware almost exclusively together with the Nautilus threat. Although most of the activity of the Neuron threat was concentrated in the United Kingdom, malware researchers found that there may have been attacks targeting states located in Eastern Europe too. The campaigns in the United Kingdom were carried out with the help of phishing emails, which were specifically tailored for the targets. However, the campaigns launched in Eastern Europe took a different approach – the malware was propagated via bogus Adobe Flash Player updates.
Once the Neuron malware infiltrates a target, it establishes persistence on the system. The attackers are then able to steal sensitive data, collect information about the host’s hardware and software, and execute remote commands.
The Turla hacking group is very serious when carrying out their attacks – they constantly update their hacking tools in order to remain one step ahead of cybersecurity researchers. This makes the Turla hacking group a particularly difficult enemy to combat, and their attacks often prove to be very effective.