Malicious Activity Aligning with Gamaredon TTPs Targets Ukraine
Russia-Sponsored APT Group, Gamaredon (Primitive Bear), Believed Responsible for Ukraine Targeting
The Anomali Threat Research (ATR) team has identified malicious activity that they believe is being conducted by the Russia-sponsored Advanced Persistent Threat (APT) group, Gamaredon (Primitive Bear). Lure documents observed appear to target Ukrainian entities such as diplomats, government employees, military officials, and more.
The object of this report is to highlight new Gamaredon tactics, techniques, and procedures (TTP) and share indicators of compromise (IOCs) to the security community for awareness and further analysis. You'll find:
- Current targeting landscape
- Lure document analysis
- Technical IOCs associated with the campaign
Learn about the indicated risk to Ukranian government entities by APT threat group Gamaredon (Primitive Bear).