Researchers with Check Point and Intezer Labs have analyzed 2,000 malware samples linked to Russian advanced persistent threat (APT) groups in order to find connections between the malware strains. While 22,000 such connections were found, the report indicates that hackers working for the Russian government usually do not share their code with each other.
If code is being shared, it is usually between actors working for the same government agency, which implies that the three Russian intelligence services engaged in cyber espionage — the FSB (Federal Security Service), the SVR (Foreign Intelligence Service), and GRU (Main Intelligence Directorate for Russia’s military) — do not work together.
Read more: Russian state hackers rarely share code with one another