2025年初,俄罗斯网络团体Gamaredon和Turla合作,利用共享工具重新启动后门,将乌克兰国防实体作为攻击目标。 Russian cyber groups Gamaredon and Turla collaborated in early 2025 to target Ukrainian defense entities, using shared tools to reactivate a backdoor.

ESET研究发现了俄罗斯与联邦安全局有联系的Gamaredon和Turla网络团体之间合作的第一批证据,这些团体以乌克兰高知名度实体为目标。 ESET Research has found the first evidence of collaboration between Russian FSB-linked cyber groups Gamaredon and Turla, targeting high-profile Ukrainian entities. 这些团体于2025年初携手合作, Gamaredon使用PteroOdd和PteroPaste等工具, 重新启用Turla的Kazauar后门, The groups worked together in early 2025, with Gamaredon deploying tools like PteroOdd and PteroPaste to restart Turla’s Kazuar backdoor on compromised machines. 这种协调表明,在2022年入侵以来活动加剧的情况下,重点应放在高价值目标上,特别是在乌克兰的国防部门。 This coordination suggests a focus on high-value targets, particularly in Ukraine’s defense sector, amid intensified activity since the 2022 invasion. 这两个团体至少自2004年和2013年以来一直活跃,长期以欧洲、中亚和中东的政府和外交机构为目标。 Both groups, active since at least 2004 and 2013, have long targeted government and diplomatic institutions across Europe, Central Asia, and the Middle East.