Turla

Turla is a popular Russian group most known for targeting government agencies around the world. Turla may indeed be one of the oldest APT groups to date. Alternative alias include waterbug, Krypton and wipbot.

Another big name cyber espionage group, Turla has been a big advocate of different government agencies around the world.

Tactics

PDF exploits and fake flash player downloads are still in high volume with targeted phishing attacks. They have even been known to pull off social engineering attempts to gain initial recon information. Lastly, they have attributed to zero day attacks like CVE-2013-3346.

Techniques

Turla has mastered the art of satellite hijacking. This allows them to attack from anywhere on the planet, and remain anonymous. Turla is one of the first groups to really master this technique, and have become very efficient with it.

Tools

Some of the more popular tools used by the infamous Turla include Snake (a Urbororos rootkit), and unnamed tools used to bypass air gaps in proxy networks. Turlas main focus is to remain as unseen as possible.

Targets

Middle East government agencies along with their militaries have been their sole focus, but they have been known to come after North America and South America, as well. Their main focus seems to be intelligence-based targets that would give them an advantage with government agencies (ex. pharmaceutical , education, embassies).