Turla Exploits Ukraine’s Defense Sector with DeliveryCheck Backdoor
Turla Exploits Ukraine’s Defense Sector with DeliveryCheck Backdoor
Threat Level
Attack Report
For a detailed threat advisory, download the pdf file here
Summary
DeliveryCheck, a .NET-based backdoor, targets Ukraine’s defense sector, attributed to Russian actor Turla; it aims to exfiltrate Signal app data. Notably, it breaches Microsoft Exchange servers using PowerShell DSC for malicious activity.
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.
