The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Kazuar Evolves From Backdoor to Resilient Espionage Ecosystem

May 22, 2026 1:13:22 PM / by The Hivemind posted in Threat Bulletin, Venomous Bear, Turla, Kazuar malware, Secret Blizzard, Russian cyber espionage, modular malware, Microsoft threat intelligence, espionage malware, FSB cyber operations, Kazuar loader

Verticals Targeted: Government, Defense, Diplomatic Organizations, Research Institutions
Regions Targeted: Europe, Central Asia, Ukraine
Related Threat Actors: Secret Blizzard (aka Turla, Venomous Bear)
Related Families: Kazuar, Pelmeni

Venomous Bear’s Lunar Toolset

May 28, 2024 1:05:05 PM / by The Hivemind posted in Russia, Threat Bulletin, Government, Venomous Bear, Turla, LunarMail, LunarWeb, LunarLoader

Related Families: LunarMail, LunarLoader, LunarWeb
Verticals Targeted: Government

Executive Summary

Venomous Bear was observed targeting a European Ministry of Foreign Affairs using a new toolset, dubbed the Lunar toolset.

Recent Turla Activity Targeting Ukraine

Jan 19, 2023 12:39:38 PM / by The Hivemind posted in Ukraine, Russia, Threat Bulletin, Espionage, Venomous Bear, Andromeda, Kopiluwak, Turla, QuietCanary

Related Families: Andromeda, Kopiluwak, QuietCanary

Executive Summary

Mandiant recently reported on a Turla campaign targeting Ukraine. The threat actors used multiple malware families in this campaign, including Kopiluwak, QuietCanary, and Andromeda.
