Nichols Martin
Cybersecurity firm ESET has uncovered an advanced system backdoor dubbed Gazer that it says Russia-linked cyber espionage group Turla has used since 2016 to attack European government institutions.
ESET reported Wednesday the backdoor tool has been used on computers located around the world but primarily in Europe.
“The tactics, techniques and procedures we’ve seen here are in line what we typically see in Turla’s operations — a first-stage backdoor that is likely delivered through spear phishing, followed by the appearance on the compromised system of a second-stage backdoor,” said Jean-Ian Boutin, senior malware researcher at ESET.
The company noted Gazer’s build features its own customized cryptography and uses a virtual file system to resist antiviruses.
ESET, an IT security firm that offers cybersecurity services to clients worldwide, has published a white paper on the discovery of the Gazer backdoor.
