
Nautilus

Posted: October 22, 2019

Nautilus is a newly discovered hacking tool linked to the activities of the Turla Advanced Persistent Threat (APT) group. Turla is known for targeting the government, energy, military, and technology sectors in various regions. Its latest campaign involves the Snake rootkit and the newly discovered malware families Neuron and Nautilus. The campaign currently appears to target companies and organizations in the United Kingdom, but the group may broaden its reach in the near future.

It is believed that Nautilus and Neuron are used together almost exclusively, as they have been found on all mail servers and Web servers that the Turla group compromised in its recent campaign. The threats use advanced sandbox-evasion techniques, and large portions of their code are heavily obfuscated to make reverse engineering as difficult as possible. Researchers working on the Nautilus and Neuron campaigns also discovered that the Turla hackers had been updating both payloads frequently. This means that they are keeping track of the latest cybersecurity news and are applying updates to ensure that Nautilus and Neuron keep evading anti-virus engines and malware debugging environments.

The Turla hackers are likely to use the combination of Nautilus, Neuron, and Snake to exfiltrate sensitive information from compromised hosts, as well as to execute arbitrary code that may enable them to disable certain security features or deploy other payloads.
