National Cyber Security Centre has issued a warning over an updated Neuron malware attacks by the Turla hacking group.
The hacking group is targeting the UK with an updated neuron malware designed to embed itself into compromised network and carryout espionage.
Neuron malware is not the only malware linked to this hacking group. Nautilus malware variants are also linked to the hacking group. Turla Hackers have been carrying out cyber-espionage against a range of targets, including government, military, technology, energy, and other commercial organisations.
The Hackers recent activities were traced to diplomatic targets such as embassies and consulates.
This group of Hackers specialised in phishing via email. Their main targets are usually web and mail servers.
UK's National Cyber Security Centre (NCSC) which is the cybersecurity arm of GCHQ, issued a warning that Turla Hacking Group is deploying an advanced version of Neuron. It now has stealth ability that makes it very difficult to detect.
The design mechanism of the advanced version of the Neuron is to encrypt the payload and never store it on disk but on memory. This makes it very difficult for antivirus to detect it.
Advice by the NCSC for organisations that have previously been targeted by Turla is to "be diligent in checking for the presence of these additional tools".
The National Cyber Security Centre doesn't point to the work of Turla being associated with any particular threat actor -- instead referring to it as "a prevalent cyber threat group targeting the UK".
Although, according to many Cyber Security Researchers, Turla is seen as state sponsored.