Malicious Gamaredon TTPs Believed to Target Ukraine

Malicious Activity Aligning with Gamaredon TTPs Targets Ukraine

Russia-Sponsored APT Group, Gamaredon (Primitive Bear), Believed Responsible for Ukraine Targeting

The Anomali Threat Research (ATR) team has identified malicious activity that they believe is being conducted by the Russia-sponsored Advanced Persistent Threat (APT) group, Gamaredon (Primitive Bear). Lure documents observed appear to target Ukrainian entities such as diplomats, government employees, military officials, and more.

The object of this report is to highlight new Gamaredon tactics, techniques, and procedures (TTP) and share indicators of compromise (IOCs) to the security community for awareness and further analysis. You'll find: 

  • Current targeting landscape
  • Lure document analysis
  • Technical IOCs associated with the campaign 

Learn about the indicated risk to Ukranian government entities by APT threat group Gamaredon (Primitive Bear). 

Download Now!

NOTE: A valid email address is required to receive your requested asset.