One of Russia’s most sophisticated cyberespionage groups has reportedly been leveraging its country’s internet backbone to deploy spyware—right on its home turf.
Turla, a hacking unit tied to Russia’s Federal Security Service (FSB), is known for complex and covert digital operations, often involving satellites and co-opting rival hackers’ infrastructure to avoid detection.
But a recent investigation reveals a more direct strategy: manipulating Russia’s own internet service providers (ISPs) to infect targets with malware.
The operation appears to have taken place in Moscow, where Turla likely used privileged access to local ISPs to intercept and tamper with web traffic.
This allowed them to stealthily implant spyware on the systems of specific targets, such as foreign diplomats working within Russia. The tactic bypasses traditional phishing or compromised websites, instead exploiting a deep-rooted position within Russia’s internet infrastructure.
While Turla has previously made headlines for their stealth, such as masking malware communications via satellite links or piggybacking on other hackers’ campaigns, this domestic maneuver reflects a new kind of boldness.
Leveraging national internet controls to directly manipulate web traffic represents both a technical advantage and a dangerous precedent for global cyber operations.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: