Skip to content
The Nexus
DossierENTITY

Gamaredon

Coverage of Gamaredon in the Nexus archive.

Earliest in view: Jun 2 · 18:21 UTCMost recent: Jun 29 · 11:40 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJun 29 · 11:40 UTCTHE HACKER NEWS
    Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse

    A Russian advanced persistent threat (APT) group, Gamaredon, has expanded its cyber attacks against Ukraine in 2025 by deploying new malware and abusing cloud services. Slovakian cybersecurity company ESET reported 35 spear-phishing campaigns conducted by Gamaredon, primarily targeting new entities in the second half of the year.

  • SECURITYJun 25 · 21:12 UTCDARK READING
    Russian APT 'Gamaredon' Upgrades Its Arsenal, Requiring New Defenses

    The Russian state-sponsored APT group Gamaredon has enhanced its capabilities by improving malware deployment and server concealment techniques. This upgrade necessitates the development of new defensive strategies to counter their activities.

  • SECURITYJun 2 · 18:21 UTCTHE HACKER NEWS
    Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine

    The Russian hacking group Gamaredon is exploiting a WinRAR vulnerability (CVE-2025-8088) to deliver malware families like GammaWorm, GammaSteel, and GammaPhish, targeting data theft and propagation. Sekoia reports that the attack chain uses a path traversal flaw in WinRAR to deploy an HTML Application payload for further malicious activity.

Gamaredon · Dossier · The Nexus