The Russian-linked Turla hacking group has been observed using a new version of Kazuar backdoor to expand its attacks. The new findings come from Palo Alto Networks Unit 42, which has been tracking the adversary under the name Pensive Ursa. According to researchers, the malware has been spotted in the wild after years of hiatus […]
Over the Kazuar’s Nest: Cracking Down on a Freshly Hatched Backdoor Used by Pensive Ursa (Aka Turla)
Executive Summary While tracking the evolution of Pensive Ursa (aka Turla, Uroburos), Unit 42 researchers came across a new, upgraded variant of Kazuar. Not only is Kazuar another name for the enormous and dangerous cassowary bird, Kazuar is an advanced and stealthy .NET backdoor that Pensive Ursa usually uses as a second stage payload. Pensive […]
Nov 01, 2023NewsroomCyber Threat / Malware The Russia-linked hacking crew known as Turla has been observed using an updated version of a known second-stage backdoor referred to as Kazuar. The new findings come from Palo Alto Networks Unit 42, which is tracking the adversary under its constellation-themed moniker Pensive Ursa. “As the code of the […]