Advertisement
Turla's STOCKSTAY Backdoor: Analysis of Campaigns & WinRAR Exploit
Google Threat Intelligence details STOCKSTAY, Turla's .NET backdoor for espionage targeting Ukraine and Europe, leveraging RDP & CVE-2025-8088.
Turla APT Deploys StockStay Backdoor in Ukraine Espionage Campaign
Russian APT Turla targets Ukrainian government and military entities with the custom StockStay backdoor for persistent access and cyber espionage.

Turla Deploys New STOCKSTAY Backdoor in Ukraine Espionage Operations
Google identifies STOCKSTAY, a new .NET backdoor by Russian actor Turla targeting Ukrainian military and Italian foreign policy interests via Windows systems.
Turla Updates Kazuar Backdoor with Modular P2P Botnet Capabilities
Russian threat actor Turla (Secret Blizzard) has upgraded its Kazuar backdoor with peer-to-peer botnet functionality and modular architecture for stealth.

Turla Updates Kazuar Backdoor into Modular P2P Botnet for Persistence
Russian threat actor Turla has evolved the Kazuar backdoor into a peer-to-peer botnet, enhancing stealth and resilience against command-and-control takedowns.