Kazuar
Kazuar, Turla APT (Russian FSB) backdoor. Protobuf C2. NATO government/defense institutions are the target. 2017+.
Threat Profile
Type
Backdoor
Programming LanguageC#/.NET
C2 ProtocolHTTP/Protobuf
First Seen2017
Targets
NATO ulkeleri
Purpose / Capabilities
- Remote Access+Espionage
No C2 servers have been identified for this family yet.
Research Reports (1)
Kazuar -- 1.9MB Turla APT, Google Protobuf C2 Protokolü, base64 FileDescriptorProto | Kritik
Kazuar 1.9MB Turla APT (Rusya FSB). Google Protobuf C2 protokolü. b29nbGUucHJvdG9idWY base64 descriptor.
Read Report →