losaton.blogg.se - Kaspersky solarwinds hack

Some of the Kazuar developers moved to another team, taking knowledge and tools with them.

Both groups, DarkHalo/UNC2452 and the group using Kazuar, obtained their malware from the same source.

The Sunburst developers adopted some ideas or code from Kazuar, without having a direct connection (they used Kazuar as an inspiration point).

Sunburst was developed by the same group as Kazuar.

Some of the explanations for these similarities highlighted by Kaspersky’s report include: The algorithm used to generate victim UIDs, the extensive usage of the FNV-1a hash and the sleeping algorithm of both the backdoors are some of the major similarities found between Kazuar and Sunburst.ĭespite these similarities, the extent of the similarities and nature of the relationship is still unclear.