Gamaredon, a Russia-backed threat group renowned for distributing malware via phishing emails, recently appears to have utilised an infected portable drive to target a Ukrainian-based military mission of an undisclosed Western country.
The malware was an updated version of GammaSteel, a data-stealing tool, according to Symantec researchers who analyzed the recent attacks. The report stated that the campaign was active in February and March.
However, the researchers did not describe the detachable drive. Following the infection, Gamaredon employed novel strategies to disguise its activities from both researchers and sufferers. Symantec says GammaSteel was deployed using a complicated, multi-stage attack chain.
Gamaredon, also known as Shuckworm and BlueAlpha, has been active since at least 2013 and is thought to operate from the Russian-annexed Crimean Peninsula under the supervision of Russia’s Federal Security Service (FSB). Since the start of the Russian invasion, the organisation has repeatedly targeted Ukraine. In 2023 alone, the country identified 277 cyber in
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: