Kazuar

Kazuar, Turla APT (Russian FSB) backdoor. Protobuf C2. NATO government/defense institutions are the target. 2017+.

Threat Profile
Type Backdoor
Programming LanguageC#/.NET
C2 ProtocolHTTP/Protobuf
First Seen2017
Targets NATO ulkeleri
Purpose / Capabilities
  • Remote Access+Espionage
No C2 servers have been identified for this family yet.

Research Reports (1)

Critical

Kazuar -- 1.9MB Turla APT, Google Protobuf C2 Protokolü, base64 FileDescriptorProto | Kritik

Kazuar 1.9MB Turla APT (Rusya FSB). Google Protobuf C2 protokolü. b29nbGUucHJvdG9idWY base64 descriptor.

Read Report →