ESET Analysis
ESET researchers introduce the Gamaredon APT group, detailing its typical modus operandi, distinctive sufferer profile, huge assortment of instruments and social engineering ways, and even its estimated geolocation
13 Nov 2024
•
,
1 min. learn
When describing state-backed risk actors, one would most likely anticipate an excellent refined, stealthy group able to avoiding all alarms and defenses with surgical precision. With Gamaredon, most of that goes out the window as that is one noisy, extraordinarily lively Russia-aligned group that doesn’t care if defenders uncover its actions. Nevertheless, it’s also an actor that develops and improves its cyberespionage instruments and strategies actually on daily basis.
On this particular episode, ESET Principal Malware Researcher Robert Lipovský performs the host – in cooperation with our typical host Aryeh Goretsky – and questions ESET’s home professional on Gamaredon, Senior Malware Researcher Zoltán Rusnák. Within the debate, they introduce the risk actor, together with its customary modus operandi, unique victimology, huge assortment of superior instruments and social engineering methods, and even its estimated geolocation.
Nevertheless, these 23 minutes will cater largely to these within the technical particulars of Gamaredon’s spearphishing campaigns, strategies to weaponize Phrase paperwork and USB drives, approaches to keep away from area blocking, and more and more superior obfuscation. So should you’re a safety geek inquisitive about this type of risk intelligence, you’re up for a deal with.
To make our podcast definitely worth the whereas of defenders, Robert and Zoltan additionally included fairly a lot of preventive measures and suggestions that anybody sitting in a safety operations middle can use to hunt for Gamaredon’s exercise of their community – though that largely applies to organizations in Ukraine.
For full particulars on the place and the way the Russia-aligned risk actor Gamaradeon operates, learn extra in ESET’s not too long ago printed white paper. For extra safety analysis data, comply with ESET Analysis on X (previously often called Twitter) and browse our different blogposts, stories, and papers on WeLiveSecurity.com. Should you like what you hear, subscribe for extra on Spotify, Apple Podcasts, or PodBean.
