A link to the past: 20 year-old attack that remains relevant
Samples from 1990s cyberattack suggest possible link to modern threat actor
The Moonlight Maze cyber attacks targeted the Pentagon, NASA and more. Newly unearthed evidence shows how a backdoor used to extract victim data in 1998 connects to one used by Turla in 2011 and possibly 2017.Learn more
Ancient APT tools can evolve into current threats
Moonlight Maze was active from 1996 - 2003, targeting mainly government and military organizations in the US. Much of the official evidence was classified.
In 2016, Kaspersky and Kings College London unearthed a trove of logs and samples belonging to the APT – held on a proxy server in the UK.
The findings show that an open-source backdoor used in 1998 by Moonlight Maze connects to an evolved open-source backdoor used by Turla in 2011, and possibly 2017.
The findings also reveal a lot about the attacks – enough to reconstruct the attack sequence and typology, tools and techniques.
Government, military, research and education entities in over 45 countries hit – what is Epic Turla after and how does it get to it?READ MORE >
The remarkable Linux-based Penquin Turla tools, used to breach defenses when other systems are well-secured.READ MORE >
To avoid control servers being taken down, some threat actors have started using satellite-based Internet links to communicate with victim systemsREAD MORE >