This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Jan 23, 2020
Russia-Sponsored APT Group, Gamaredon (Primitive Bear), Believed Responsible for Ukraine Targeting
The Anomali Threat Research (ATR) team has identified malicious activity that they believe is being conducted by the Russia-sponsored Advanced Persistent Threat (APT) group, Gamaredon (Primitive Bear). Lure documents observed appear to target Ukrainian entities such as diplomats, government employees, military officials, and more.
The object of this report is to highlight new Gamaredon tactics, techniques, and procedures (TTP) and share indicators of compromise (IOCs) to the security community for awareness and further analysis. You'll find:
• Current targeting landscape
• Lure document analysis
• Technical IOCs associated with the campaign
Learn about the indicated risk to Ukrainian government entities by APT threat group Gamaredon (Primitive Bear).