ESET researchers introduce the Gamaredon APT group, detailing its typical modus operandi, distinctive victim profile, vast collection of tools and social engineering techniques, and even its estimated geolocation
13 Nov 2024

When describing state-backed threat actors, one would probably expect a highly sophisticated, stealthy group capable of evading all alarms and defenses with surgical precision. With Gamaredon, most of that goes out the window, as this is a noisy, extremely active Russia-aligned group that doesn’t care whether defenders discover its activities. However, it is also an actor that develops and improves its cyberespionage tools and techniques practically every day.
In this special episode, ESET Principal Malware Researcher Robert Lipovský plays the host – in cooperation with our usual host Aryeh Goretsky – and questions ESET’s in-house expert on Gamaredon, Senior Malware Researcher Zoltán Rusnák. In the discussion, they introduce the threat actor, including its typical modus operandi, unique victimology, vast collection of advanced tools and social engineering techniques, and even its estimated geolocation.
However, these 23 minutes will cater mostly to those interested in the technical details of Gamaredon’s spearphishing campaigns, techniques to weaponize Word documents and USB drives, approaches to evade domain blocking, and increasingly advanced obfuscation. So if you’re a security geek interested in this kind of threat intelligence, you’re in for a treat.
To make our podcast worth the while of defenders, Robert and Zoltán also included quite a number of preventive measures and tips that anyone sitting in a security operations center can use to hunt for Gamaredon’s activity in their network – although that mostly applies to organizations in Ukraine.
For full details on where and how the Russia-aligned threat actor Gamaredon operates, read more in ESET’s recently published white paper. For more security research news, follow ESET Research on X (formerly known as Twitter) and read our other blogposts, reports, and papers on WeLiveSecurity.com. If you like what you hear, subscribe for more on Spotify, Apple Podcasts, or PodBean.