Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 21:14:19 UTC
Home > List all groups > List all tools > List all groups using tool TurlaChopper
 Tool: TurlaChopper
Names TurlaChopper
Category Malware
Type Backdoor
Description
(ESET) In addition to NETVulture, on the Microsoft Exchange server of the same Ministry,
we found a variant of the China Chopper webshell we called TurlaChopper. We believe that
the initial access leveraged a remote code execution vulnerability in the Exchange server
program, namely CVE-2020-0688.
Information <https://www.welivesecurity.com/wp-content/uploads/2021/05/eset_threat_report_t12021.pdf>
Last change to this tool card: 10 February 2022
Download this tool card in JSON format
All groups using tool TurlaChopper
Changed Name Country Observed
APT groups
  Turla, Waterbug, Venomous Bear 1996-2024  
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=dde3f80f-2f25-4683-9b81-5a92a306b9ad
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=dde3f80f-2f25-4683-9b81-5a92a306b9ad
Page 1 of 1