{"id":31087,"date":"2020-11-02T12:16:14","date_gmt":"2020-11-02T10:16:14","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=31087"},"modified":"2025-08-28T01:58:53","modified_gmt":"2025-08-27T22:58:53","slug":"us-authorities-reveal-new-malware-linked-to-russian-hackers","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/us-authorities-reveal-new-malware-linked-to-russian-hackers\/","title":{"rendered":"US authorities reveal new malware linked to Russian hackers"},"content":{"rendered":"<p>The U.S. Cyber Command, together with the FBI and the Cybersecurity and Infrastructure Security Agency (CISA), has identified new types of malware that authorities say were used in attacks by Russian hackers against government targets.<!--more--><\/p>\n<blockquote class=\\\"twitter-tweet\\\">\n<p dir=\\\"ltr\\\" lang=\\\"en\\\">An implant dropper dubbed <a href=\\\"https:\/\/twitter.com\/hashtag\/ComRATv4?src=hash&#038;ref_src=twsrc%5Etfw\\\">#ComRATv4<\/a> recently attributed by <a href=\\\"https:\/\/twitter.com\/CISAgov?ref_src=twsrc%5Etfw\\\">@CISAgov<\/a> and <a href=\\\"https:\/\/twitter.com\/FBI?ref_src=twsrc%5Etfw\\\">@FBI<\/a> to Russian sponsored APT, Turla. 
It was likely used to target ministries of foreign affairs and national parliament.<br \/>\n<a href=\\\"https:\/\/twitter.com\/CNMF_CyberAlert?ref_src=twsrc%5Etfw\\\">@CNMF_CyberAlert<\/a> continues to disclose <a href=\\\"https:\/\/twitter.com\/hashtag\/malware?src=hash&#038;ref_src=twsrc%5Etfw\\\">#malware<\/a> samples on: <a href=\\\"https:\/\/t.co\/fSgk1xpG8t\\\">https:\/\/t.co\/fSgk1xpG8t<\/a> <a href=\\\"https:\/\/t.co\/c2jmozTAyB\\\">pic.twitter.com\/c2jmozTAyB<\/a><\/p>\n<p>\u2014 USCYBERCOM Cybersecurity Alert (@CNMF_CyberAlert) <a href=\\\"https:\/\/twitter.com\/CNMF_CyberAlert\/status\/1321863548486770689?ref_src=twsrc%5Etfw\\\">October 29, 2020<\/a><\/p>\n<\/blockquote>\n<p>The identified malicious components are associated with the malware families ComRAT and Zebrocy, which hackers have used in attacks for many years.<\/p>\n<p>The message states that ComRAT is used by the hacking group Turla (also known as Uroboros), and Zebrocy by the APT28 group (also operating under the name Fancy Bear). Both groups are linked to Russia.<\/p>\n<p>The hackers continually updated their tools, so the malware remained undetected for a long time.<\/p>\n<p>According to experts, ComRAT was used against foreign ministries and the parliament, while Zebrocy targeted embassies and ministries.<\/p>\n<p>Both malware families targeted victims in Eastern Europe and Central Asia.<\/p>\n<p>In October, the U.S. 
Department of Justice <a href=\"https:\/\/u1f987.com\/en\/news\/u-s-justice-department-charges-russian-hackers-over-olympic-attacks-in-korea-and-french-elections\">charged<\/a> six Russian citizens with hacking attacks on infrastructure in France, South Korea, Ukraine and the United States.<\/p>\n<p>Read ForkLog&#8217;s exclusive for more on Fancy Bear and other well-known hacker groups.<\/p>\n<blockquote class=\\\"wp-embedded-content\\\" data-secret=\\\"XdopOeV0ig\\\">\n<p>Anatomy of hacker groups: who and why they hack digital systems<\/p>\n<\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>The U.S. 
Cyber Command, together with the FBI and the Cybersecurity and Infrastructure Security Agency (CISA), has identified new types of malware that authorities say were used in attacks by Russian hackers against government targets.<\/p>\n","protected":false},"author":1,"featured_media":31088,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1154,26],"class_list":["post-31087","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-crimes","tag-usa"],"aioseo_notices":[],"amp_enabled":true,"views":"21","promo_type":"1","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/31087","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=31087"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/31087\/revisions"}],"predecessor-version":[{"id":31089,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/31087\/revisions\/31089"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/31088"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=31087"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=31087"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=31087"}],"curies":
[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}