Russian state hackers, Perhaps more than those of any other country, tends to show. The The notorious sandworm unit For example, in Russia's GRU military intelligence agency, the unprecedented power failure was enabled and published a destroyer, self -copying. FSB's Turla group skillful Has attacked satellite Internet connections to steal victim's data from space. But a group of less working spatial networks work on behalf of Kremlin rarely earns the same notice: Armageddon or Gamaredon.
Hackers, is said to work in the service of Russia's FSB intelligence agency, is not known for their sophistication. However, they have gathered a record of a decade of violations focusing on almost continuous spies, crushing simple, repetitive intrusion methods, year after year. As a result, the large number of hacking efforts, they represent some of the leading spy threats that Ukraine faced between the war and Russia, according to cybersecurity guardians watching the group.
Robert Lipovsky, a toxic software researcher at the Slovakia Internet Security Company, said that they were the most active state -related hacker group to attack Ukrainian organizations, so far, Robert Lipovsky, a malware researcher at Slovakia Network Security Company Eset.
ESET watched Gamaredon when it violated the network of hundreds of victims in Ukraine, stealing thousands of daily files, Lipovsky said. Their activity is highly effective, “said Robert Lipovsky, a malware researcher at Ethethe.” The mass is their big difference, and that is what makes them dangerous.
If Gamaredon does not behave like other Russian hack groups, it is partly because some of them are not Russian citizens, or technically, until 2014.
According to the Ukrainian government, Gamaredon's hackers based in Crimea, the Ukrainian peninsula was arrested by Russia after the Maidan Revolution of Ukraine. Some of them have previously worked on behalf of Ukraine's security services before switching when Russia's Crimea occupied.
They were the officers of the FSB 'Crimean' and the traitors escaped the enemy, he read one 2021 Declaration from SBU Ukrainian intelligence agencyThe allegations of the group have made more than 5,000 attacks on Ukrainian systems including important infrastructure such as power plants, heat and water supply systems.
The initial access techniques of the group, LiPovsky of ESET, almost completely the simple attacks of the victims who are fake fake messages with malware attachments as well as malicious code can be infected into the USB drive and spread from the machine to the machine. These relatively basic tactics have not developed since the first group appeared as a threat to Ukraine in late 2013. However, by not tired of simple forms of hacking and targeting the reality of all Ukrainian governments and military organizations as well as Ukrainian allies.
John Hultquist, analyst of Google's threat, sometimes people do not realize a part of the 'perseverance' who plays a role in APT phrase. “They are constantly. And it can be a superpower.
In October 2024, the Ukrainian government went far away to the two hackers' hackers absent because not only hacked criminals but also treason. ONE Declaration from SBU At that time, the two men were accused, those people were named the one who betrayed their oath by voluntarily joining the FSB.
For Gamaredon's old SBU hackers, their old compatriots may not lead to the privileges they hope. Besides the clear slogan of their relentless fraud campaigns, blocking phone contacts among members of the group Published by SBU Appears to make them complain about their low wages and lack of recognition. They should give you a medal, a member of the group tells another member in the Russian conversation. Again, again.