Russian hacker group using HTTP status codes to control malware implants



Security researchers from Kaspersky have identified a new version of the COMpfun malware that controls infected hosts using a mechanism that relies on HTTP status codes. The malware has been first spotted last year, in November, and has been deployed in attacks against diplomatic entities across Europe. Responsible for the attacks is a group known as Turla, a state-sponsored Russian threat actor that has historically engaged in cyber-espionage operations.  Turla has a long history of using non-standard and innovative methods to build malware and carry out stealthy attacks.

Read more…