Валентин Шнайдер, Around IT
19 September 2025, 18:26
ESET has discovered Russian hacker groups Gamaredon and Turla, which are attacking Ukraine with new malware
Slovak company ESET has documented the collaboration of two well-known Russian hacking groups, Gamaredon and Turla, who jointly attacked Ukrainian organizations using the Kazuar spyware.
This is stated in the ESET report, which is cited by The Hacker News. According to the researchers, in February 2025, Gamaredon used its own tools PteroGraphin and PteroOdd to launch Kazuar on one of the computers in Ukraine. In the following months, in April and June, the same scheme was repeated, using different variants of the malware.
Gamaredon, also known as Armageddon, has been active since at least 2013 and specializes in attacks against Ukrainian government institutions. Turla is an older group that has been operating since the late 1990s and has already attacked ministries and defense companies in Europe and the United States. Both groups are linked to Russian intelligence services.
The Kazuar spyware they use allows them to collect data from an infected computer, access files, and transfer information to remote servers. Newer versions of Kazuar have become more sophisticated: they can now operate through different communication channels and bypass some protections.
Experts note that Gamaredon provides initial access to computers, while Turla deploys Kazuar for long-term espionage. This combination makes the attacks more dangerous, as one group effectively opens the "door" while the other enters with enhanced capabilities.
Recall that the activity of Russian hacker groups against Ukraine has increased significantly since the full-scale invasion in 2022. Now their attention is increasingly focused on the defense sector.
dev.ua previously reported on how the U.S. Department of Justice indicted a Ukrainian citizen who led the LockerGoga, MegaCortex, and Nefilim ransomware hacking groups. At the same time, Europol added him to its “most wanted” list.