Discover and read the best of Twitter Threads about #Gamaredon

Most recents (2)

Thread on #APT grps, #hacktivists, #Ransomware gangs with their ‘likely’ associations (as per TTPs and reports) that are playing a significant role in impending #Ukraine #Russian conflict. Correct me if I am wrong or missing anyone. 1/
Firstly on Russian 🇷🇺 side there are #GhostWriter (#Belarus Govt Backed), #CozyBear (Russian Foreign Intel aka #SVR), #UNC1151 (Minsk based), #FancyBears & #SandWorm (Russian Military Intel aka #GRU), #Turla and #Gamaredon (Russian Internal Intel #FSB Former KGB) 2/
Read 7 tweets
#ESETresearch unearths modus operandi of the elusive #InvisiMole group, digging up their arsenal used to stay invisible. Our investigation also shows previously unknown ties between InvisiMole and #Gamaredon groups welivesecurity.com/2020/06/18/dig… @cherepanov74 @zuzana_hromcova 1/9
#InvisiMole #APT group resurfaced in targeted attacks against high-profile organizations in Eastern Europe, targeting military sector and diplomatic missions. We previously documented their two feature-rich backdoors RC2CL and RC2FM; now we reveal the rest of their TTPs. 2/9
We discovered that the most interesting targets of #Gamaredon are upgraded to far stealthier #InvisiMole spyware, with Gamaredon’s .NET downloader delivering InvisiMole’s TCP downloader. This cooperation allows InvisiMole to devise creative ways to operate under the radar. 3/9
Read 9 tweets
