New Cyber Espionage Group Targeting Ministries of Foreign Affairs

Cybersecurity experts revealed a new cyber espionage cell responsible for a series of targeted operations against diplomatic facilities and telecommunications companies in Africa and the Middle East since at least 2017.   The campaign, dubbed BackdoorDiplomacy, involves targeting vulnerabilities in devices exposed to the Internet, such as web servers, to conduct a variety of cyber hacking activities, including moving laterally across the network to deploy a custom implant called Turian that is capable of exfiltrating sensitive data stored on removable media.  Jean-Ian Boutin, head of threat research at Slovak cybersecurity firm ESET said, "BackdoorDiplomacy shares tactics, techniques, and procedures with other Asia-based groups. Turian likely represents a next stage evolution of Quarian, the backdoor last observed in use in 2013 against diplomatic tar...