An ongoing cyber-espionage campaign which relies on the sophisticated Turla Trojan (also known as Snake, Uroboros and Carbon) appears to target the Governments and embassies of the former Eastern Bloc countries and has all the markings of a state-sponsored effort, reports Symantec.
According to Tech Week Europe, this campaign has compromised at least 84 legitimate websites to facilitate watering hole attacks since September 2012. Kaspersky Labs has dubbed the first stage of the infection mechanism ‘Epic’, adding that the campaign had hit its peak in the first two months of 2014.
The identity of the attackers or the location of their base of operations is yet to be established, although code artefacts suggest they communicate in Russian. The infection starts with spear phishing and watering-hole attacks, when hackers hijack one of the pages on a legitimate site and alter it to serve malicious code.