December 5, 2024 at 09:57AM

The Russian APT group #Turla has gained access to the Pakistani APT group #Sidecopy + #TransparentTribe (Storm-0156)’s C2 server and used it to attack operators in Afghanistan and Pakistan.

Snowblind: The Invisible Hand of Secret Blizzard

https://www.microsoft.com/en-us/security/blog/2024/12/04/frequent-freeloader-part-i-secret-blizzard-compromising-storm-0156-infrastructure-for-espionage/

IoCs:
https://github.com/blacklotuslabs/IOCs/blob/main/Secret_Blizzard_IoCs.txt

https://t.me/cKure/14986