Turla and Gamaredon Working Together in Fresh Ukrainian Intrusions
Two Russian state-sponsored threat actors have been working together in recent cyberattacks against Ukrainian targets, evidence collected by ESET suggests. Specifically, the company found that, between February and April 2025, tools that Gamaredon had deployed were used to restart and deploy Turla malware on the systems of select victims in Ukraine. Turla, also known as Krypton, Snake, Venomous Bear, and Waterbug, has been active since at least 2004, focusing on high-profile targets, including diplomats and…
Read More
