Ukraine subjected to intensified Gamaredon attacks

Ukraine has been facing a continuous onslaught of attacks against its state services from Russian hacking group Gamaredon, also known as Armageddon, with the country's Computer Emergency Response Team noting the group's targeting of an information infrastructure facility and thousands of government computers, according to The Record, a news site by cybersecurity firm Recorded Future. Gamaredon has been noted by ESET researcher Robert Lipovsky to have escalated malware development and phishing operations this year, while CERT-UA said that the group has also continuously evolved its tools and tactics in an effort to better bypass detection. Phishing messages delivered via compromised messaging accounts are typically used by Gamaredon to achieve initial access before leveraging the GammaSteel information-stealing malware to facilitate data exfiltration within 30 to 50 minutes, according to CERT-UA. While lacking in sophistication, Gamaredon has become a formidable threat due to its persistence, said Symantec threat intelligence analyst Dick O'Brien.