skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

GamaCopy Group Mimics Gamaredon Tactics in Cyber Attacks

/ 1 min read

🦠 New cyber threat actor GamaCopy mimics Kremlin-aligned Gamaredon tactics. A recently identified group, GamaCopy, has been observed employing techniques similar to those of the Gamaredon hacking group in attacks against Russian-speaking entities. The Knownsec 404 Advanced Threat Intelligence team reported that GamaCopy’s operations involve using military-related content as bait to deploy UltraVNC for remote access. This campaign shares characteristics with another group, Core Werewolf, which has also targeted Russian organizations. The attacks utilize self-extracting archive files to deliver malicious payloads while disguising the UltraVNC executable as a Microsoft OneDrive file to evade detection. GamaCopy is among several threat actors exploiting the ongoing geopolitical tensions following the Russo-Ukrainian war.

Source
{entry.data.source.title}
Original