Capibar Malware Used in Turla Espionage Attacks

Ukrainian government computer emergency response team CERT-UA claims that a malware family used in cyberattacks against Eastern Europe and Ukraine’s defense sector is linked to the Russian APT Turla. The malware is designed to steal files from popular messaging application Signal, as well as documents, images, and archive files. Microsoft Exchange servers were targeted and manipulated into becoming malware command-and-control centers.