Summary: The Russia-backed threat group Gamaredon has escalated its cyber offensive against Ukraine, employing a more sophisticated version of its malware, GammaSteel, through an infected removable drive to target a military mission. Researchers from Symantec highlighted the group’s evolving tactics, which include advanced methods for concealing their activities and a focus on espionage against Ukrainian defense services. This incident signals an increased sophistication in Gamaredon’s operations, contradicting previous perceptions of their skill level.
Affected: Ukraine-based military mission of an unnamed Western country
Keypoints :
- Gamaredon utilized an infected removable drive to spread malware targeting a Ukraine-based military mission.
- The malware deployed was an updated version of GammaSteel, capable of stealing data.
- The threat group has been active since 2013 and is known for targeting Ukrainian security and defense services, with 277 incidents reported in 2023 alone.
- Researchers noted a marked increase in Gamaredon’s sophistication, incorporating obfuscation techniques and legitimate web services in their attacks.
- The group’s previous activities include cyberespionage and a destructive attack on information infrastructure.
Source: https://therecord.media/gamaredon-removable-drive-malware-western-military-mission-ukraine
Views: 16