Techly NewsGet the app

Get the latest tech news

The Kremlin’s Most Devious Hacking Group Is Using Russian ISPs to Plant Spyware


The FSB cyberespionage group known as Turla seems to have used its control of Russia's network infrastructure to meddle with web traffic and trick diplomats into infecting their computers.

According to Microsoft's researchers, Turla's technique exploits a certain web request browsers make when they encounter a “captive portal,” the windows that are most commonly used to gate-keep internet access in settings like airports, airplanes, or cafes, but also inside some companies and government agencies. By taking advantage of its control of the ISPs that connect certain foreign embassy staffers to the internet, Turla was able to redirect targets so that they saw an error message that prompted them to download an update to their browser's cryptographic certificates before they could access the web. Microsoft didn't say how it had linked the hacking campaign to Turla specifically—a typical tightlipped approach from the company's security team, which often declines to divulge its sources and methods to avoid helping hackers evade detection.

Get the Android app

Or read this on Wired

Read more on:

Photo of Russian

Russian

Photo of Spyware

Spyware

Photo of kremlin

kremlin

Related news:

News photo

Kremlin goons caught abusing ISPs to spy on Moscow-based diplomats, Microsoft says

News photo

Russia Builds a New Web Around Kremlin’s Handpicked Super App

News photo

Russian airline Aeroflot grounds dozens of flights after cyberattack

« Plants vs. Zombies is getting an HD remaster with co-op
Malicious extensions can use ChatGPT to steal your personal data - here's how »