Kaspersky Lab reckons the SolarWinds hackers may have hailed from the Turla malware group, itself linked to Russia’s FSB security service.
Referring to the hidden backdoor secretly implanted in SolarWinds' Orion product, Kaspersky’s Georgy Kucherin wrote in a blog post on Monday: “While looking at the Sunburst backdoor, we discovered several features that overlap with a previously identified backdoor known as Kazuar.”
Kaspersky, itself a Russian company, linked that Kazuar remote-access hole (a .NET nasty) with previous research by Palo Alto Networks which attributed it to the Russian state-sponsored Turla crew, who were last spotted targeting the Armenian government and Austria’s Foreign Office.
Support the originator by clicking the read the rest link below.
