The Cold War may be consigned to the history books, but the cold cyberwar is starting to hot up – and the Russians appear to be calling most of the shots. One of its star players is a cyber espionage group called Turla – which has been active for ten years, but traces its origins back to the 90s.
According to a report by Slovakian security company ESET, Turla habitually preys on diplomatic targets, using seemingly innocuous Flash Player installers to install Mosquito, a new backdoor Trojan that allows the hacking group to harvest confidential documents and spread malware.
How do they do it? Adobe hotly refutes any suggestion that Turla has compromised its servers. Instead, it appears that the hackers carry out a man-in-the-middle attack while Flash Player is being installed, most probably through an ISP-level compromise. Turla is a sophisticated operator with a formidable track record – it has even commandeered Britney Spears’ Instagram photostream to conceal its malware control mechanism.