Threat Intelligence

Ukraine most relentlessly targeted by Gamaredon

Spyware and ransomware concept with digital glitch effect, spooky hooded hacker with magnifying glass stealing online identity nad hacking personal web accounts.

Ukraine has been subjected to increasingly robust cyberespionage campaigns by Russian state-sponsored hacking group Gamaredon, also known as Armageddon, which continues to be the most active state-backed operation against the country, reports The Record, a news site by cybersecurity firm Recorded Future.

Thousands of Ukrainian devices have been compromised by Gamaredon between 2022 and 2023, primarily through spear-phishing campaigns, an analysis from ESET showed. Despite its use of unsophisticated attack tools and lack of malicious activity concealment, Gamaredon has implemented frequent tool and obfuscation technique updates to bypass security solutions and ensure persistence in compromised systems, according to ESET researchers, who also noted that Ukraine will continue to be the primary target of the hacking operation despite intrusions against Bulgaria, Poland, Lithuania, and its other allies. Such findings come after Gamaredon was noted by Ukraine to be among the most dangerous threat actors amid its ongoing war with Russia.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds