Unit 42 threat researchers have recently observed a threat group distributing new, custom-developed malware. We have labelled this threat group the Gamaredon Group and our research shows that the Gamaredon Group has been active since at least 2013. In the past, the Gamaredon Group has relied heavily on off-the-shelf tools. Our new research shows the Gamaredon Group has made a shift to custom-developed malware. We believe this shift indicates the Gamaredon Group has improved its technical capabilities.
2020-06-18 ⋅ ESET Research ⋅ Digging up InvisiMole’s hidden arsenal InvisiMole Gamaredon Group InvisiMole |
2020-06-16 ⋅ Intezer ⋅ ELF Malware Analysis 101: Linux Threats No Longer an Afterthought Cloud Snooper Dacls EvilGnome HiddenWasp MESSAGETAP NOTROBIN QNAPCrypt Winnti |
2020-03-04 ⋅ CrowdStrike ⋅ 2020 CrowdStrike Global Threat Report MESSAGETAP More_eggs 8.t Dropper Anchor BabyShark BadNews Clop Cobalt Strike CobInt Cobra Carbon System Cutwail DanaBot Dharma DoppelPaymer Dridex Emotet FlawedAmmyy FriedEx Gandcrab Get2 IcedID ISFB KerrDown LightNeuron LockerGoga Maze MECHANICAL Necurs Nokki Outlook Backdoor Phobos Ransomware Predator The Thief QakBot REvil RobinHood Ryuk SDBbot Skipper SmokeLoader TerraRecon TerraStealer TerraTV TinyLoader TrickBot vidar Winnti ANTHROPOID SPIDER Anunak APT31 APT39 BlackTech BuhTrap Charming Kitten CLOCKWORD SPIDER DOPPEL SPIDER Gamaredon Group Leviathan MONTY SPIDER Mustang Panda NARWHAL SPIDER NOCTURNAL SPIDER Pinchy Spider Pirate Panda Salty Spider SCULLY SPIDER SMOKY SPIDER Thrip VENOM SPIDER |
2020-02-17 ⋅ Yoroi ⋅ Cyberwarfare: A deep dive into the latest Gamaredon Espionage Campaign Pteranodon |
2020-02-13 ⋅ Elastic ⋅ Playing defense against Gamaredon Group Pteranodon |
2020-02-05 ⋅ SentinelOne ⋅ Pro-Russian CyberSpy Gamaredon Intensifies Ukrainian Security Targeting Pteranodon |
2019-09-10 ⋅ Github (StrangerealIntel) ⋅ Gamaredon Analysis Gamaredon Group |
2019-07-17 ⋅ Intezer ⋅ EvilGnome: Rare Malware Spying on Linux Desktop Users EvilGnome |
2019-02-07 ⋅ ThreatStop ⋅ An Inside Look at the Infrastructure Behind the Russian APT Gamaredon Group Pteranodon |
2019-01-07 ⋅ Let's Learn: Deeper Dive into Gamaredon Group Pteranodon Implant Version '_512' Pteranodon |
2019 ⋅ MITRE ⋅ Group description: Gamaredon Group Gamaredon Group |
2018-11-15 ⋅ Cert-UA ⋅ Preparations detected for a cyberattack using Pterodo-type malware Pteranodon |
2018-09-03 ⋅ Cert-UA ⋅ Bulk mailing of spyware like Pterodo Pteranodon |
2017-02-27 ⋅ Palo Alto Networks Unit 42 ⋅ The Gamaredon Group Toolset Evolution Gamaredon Group |
2017-02-27 ⋅ Palo Alto Networks Unit 42 ⋅ The Gamaredon Group Toolset Evolution Pteranodon |
2016-06-25 ⋅ NSHC ⋅ SectorC08: Multi-Layered SFX in Recent Campaigns Target Ukraine Pteranodon |
2015-04-28 ⋅ LookingGlass ⋅ Operation Armageddon: Cyber Espionage as a Strategic Component of Russian Modern Warfare Gamaredon Group |