The Russian hacker group has modified the two most popular browsers. All this in order to gain access to TLS encrypted traffic.
The Kaspersky team discovered the whole deal and decided to look at it. The Russian Turla group modified Chrome and Firefox browsers to get fingerprints in encrypted traffic using TLS. The Russians infected the systems with a remote access Trojan and uploaded their own certificates to the device. This enabled the organization to passively track all encrypted network traffic.
ZDNet suggests that the Russians’ activity associated with the infection can be easily identified and remains only a matter of time. It is believed that the Turla group operates under the protection of the Russian government, and the originally “infected” targets were located in Russia and Belarus.
The group itself is so sophisticated that in the past it has jeopardized East European Internet providers – all to get specific data.
There is nothing more than to wait for further information in this matter.
