Dossier
GammaWorm
Coverage of GammaWorm in the Nexus archive.
- Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine
The Russian hacking group Gamaredon is exploiting a WinRAR vulnerability (CVE-2025-8088) to deliver malware families like GammaWorm, GammaSteel, and GammaPhish, targeting data theft and propagation. Sekoia reports that the attack chain uses a path traversal flaw in WinRAR to deploy an HTML Application payload for further malicious activity.