Russian APT Group Turla Deploys StockStay Backdoor Targeting Ukrainian Government and Military

The Russian advanced persistent threat (APT) group Turla has deployed a backdoor named 'StockStay' targeting government and military organizations in Ukraine for espionage purposes. The campaign specifically focuses on Ukrainian entities, though no exact timeline, technical indicators, or victim counts were disclosed. StockStay functions as a backdoor, enabling unauthorized access and data exfiltration, but no additional malware characteristics or attack vectors were detailed. The operation aligns with Turla’s known cyberespionage activities linked to Russian state interests. No CVEs or specific technical artifacts were mentioned in the report.