#CandCservers

New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm

by

September 5, 2024 at 02:15AM Earth Lusca, a Chinese-speaking threat actor, has been observed deploying a new backdoor named KTLVdoor in a cyber attack targeting an unnamed trading company in China. The malware is written in Golang and masquerades as system utilities, with over 50 command-and-control servers identified. Its use by other Chinese threat actors … Read more

Russian Turla Cyberspies Target Polish NGOs With New Backdoor

by

February 22, 2024 at 10:51AM Turla, a Russian state-sponsored threat actor, has deployed a new backdoor called TinyTurla-NG in recent attacks on NGOs in Poland. The malware, an evolution of TinyTurla, was first used in December 2023 and is designed for implant administration and file management. Turla also deployed other tools in this attack. From … Read more