Threat Intelligence, Critical Infrastructure Security
Dutch firms, sites targeted by Sea Turtle cyberespionage campaign
Turkey-linked advanced persistent threat group Sea Turtle, also known as Teal Kurma, Cosmic Wolf, and Marbled Dust, has deployed island-hopping and supply chain attacks against the Netherlands' telecommunications firms, internet service providers, IT service providers, and media organizations, as well as Kurdish websites, as part of its cyberespionage operations, according to Security Affairs.
Aside from using the SnappyTCP reverse TCP shell in a bid to breach Linux and Unix systems, the attackers also targeted cPanel accounts and leveraged SSH to facilitate initial system compromise and eventually exfiltrate personal data for surveillance of possible political dissidents and minorities, a report from Hunt & Hackett showed.
"This appears to be consistent with claims from U.S. officials in 2020 about hacker groups acting in Turkey's interest, focusing on the identities and locations of the victims, which included governments of countries that are geopolitically significant to Turkey," researchers from Hunt & Hackett said.