VERY IMPORTANT

ESET researchers uncovered collaboration between two notorious APT groups, Gamaredon and Turla, both associated with Russia's FSB. The groups were observed working together to compromise high-profile targets in Ukraine. Evidence shows Gamaredon tools being used to restart and deploy Turla's Kazuar backdoor on specific machines. This cooperation indicates a strategic alignment between different FSB units, with Gamaredon likely providing initial access for Turla's more sophisticated operations. The collaboration was detected through multiple attack chains involving various malware tools from both groups. This discovery highlights the evolving tactics of Russian cyber espionage efforts, particularly in the context of the ongoing conflict in Ukraine.