ESET Analysis
ESET researchers introduce the Gamaredon APT group, detailing its typical modus operandi, distinctive sufferer profile, huge assortment of instruments and social engineering ways, and even its estimated geolocation
13 Nov 2024
•
,
1 min. learn
When describing state-backed menace actors, one would most likely count on an excellent subtle, stealthy group able to avoiding all alarms and defenses with surgical precision. With Gamaredon, most of that goes out the window as that is one noisy, extraordinarily lively Russia-aligned group that doesn’t care if defenders uncover its actions. Nonetheless, it is usually an actor that develops and improves its cyberespionage instruments and methods actually every single day.
On this particular episode, ESET Principal Malware Researcher Robert Lipovský performs the host – in cooperation with our normal host Aryeh Goretsky – and questions ESET’s home professional on Gamaredon, Senior Malware Researcher Zoltán Rusnák. Within the debate, they introduce the menace actor, together with its commonplace modus operandi, unique victimology, huge assortment of superior instruments and social engineering tips, and even its estimated geolocation.
Nonetheless, these 23 minutes will cater largely to these within the technical particulars of Gamaredon’s spearphishing campaigns, methods to weaponize Phrase paperwork and USB drives, approaches to keep away from area blocking, and more and more superior obfuscation. So in the event you’re a safety geek excited by this type of menace intelligence, you’re up for a deal with.
To make our podcast definitely worth the whereas of defenders, Robert and Zoltan additionally included fairly a lot of preventive measures and ideas that anybody sitting in a safety operations middle can use to hunt for Gamaredon’s exercise of their community – though that largely applies to organizations in Ukraine.
For full particulars on the place and the way the Russia-aligned menace actor Gamaradeon operates, learn extra in ESET’s not too long ago revealed white paper. For extra safety analysis info, comply with ESET Analysis on X (previously generally known as Twitter) and browse our different blogposts, stories, and papers on WeLiveSecurity.com. In the event you like what you hear, subscribe for extra on Spotify, Apple Podcasts, or PodBean.
