Turla Updates Kazuar Backdoor with Advanced Anti-Analysis to Evade Detection

The Turla hacking crew, which is linked to Russia, has updated its known second-stage backdoor, Kazuar, to increase its stealth, detection evasion and efforts to thwart analysis. Cybersecurity firm Palo Alto Networks found Kazuar, initially identified in 2017, has evolved, offering a wider range of features, stealth and complex command execution control. Diminished communication and idle modes when being analysed or debugged also help it remain covert.