FireEye cyber security experts: Malicious hackers masqueraded as a member of Cambridge University, used LinkedIn to deliver malicious documents and three new malware families.
Cyber security expert and Yoroi founder, Marco Ramilli, analyzed the two state-sponsored groups to look for strong and weak similarities.
Symantec cyber security experts: The group, aka Turla, launched 3 campaigns: one with Neptun malware, another with Meterpreter and the last one with custom RPC backdoor.
The cyber security expert, Marco Ramilli, analyzed it to match the clues e find if Iranian state-sponsored hackers are behind the operation. Something says Yes, something diverge.
The cyber security experts: There are many similarities on TTPs, targets and purposes. The credential harvesting could be complementary to the WebMask project on DNS Hijack.