Gamaredon: The Turncoat Spies Relentlessly Hacking Ukraine
Russia’s government hackers, perhaps more than those of any other nation, are inclined to show off. The infamous Sandworm unit in Russia’s GRU intelligence agency, for example, has triggered unprecedented blackouts and released destructive, self-replicating code. The FSB’s Turla group has hijacked satellite internet connections to steal victims’ data from space. But one team of less flashy cyberspies working on behalf of the Kremlin rarely receives the same attention: Armageddon, or Gamaredon.
The hackers, who are believed to work in the service of Russia’s FSB intelligence agency, are not known for their sophistication. Yet they have set a record of more than a decade of almost constant espionage breaches, grinding away with simple, repetitive intrusion methods year after year. According to cybersecurity defenders who track the group, the sheer volume of its hacking attempts makes it, by some measures, the top espionage threat to Ukraine in the midst of its war with Russia.
“They are the most active government-aligned hacker group attacking Ukrainian organizations so far,” says Robert Lipovsky, a malware researcher at the Slovak cybersecurity company ESET.
Lipovsky says ESET has tracked Gamaredon as it has breached hundreds of victims in Ukraine, stealing thousands of files daily. “Their performance is very effective,” Lipovsky adds. “Volume is their big distinction, and that’s what makes them dangerous.”
If Gamaredon does not behave like other Russian hacking groups, that is partly because some of its members were not Russian nationals, or technically were not until 2014.
According to the Ukrainian government, Gamaredon’s hackers are based in Crimea, the Ukrainian peninsula that was seized by Russia following Ukraine’s Maidan revolution. Some of them had previously worked on behalf of Ukraine’s own security services before Russia’s occupation of Crimea began.
“They are FSB agents and ‘Crimean’ traitors who have defected to the enemy,” reads a 2021 statement from Ukraine’s SBU intelligence agency, which claims the group has carried out more than 5,000 attacks on Ukrainian systems, including important infrastructure such as “power plants, heat source systems and water systems.”
The group’s initial access techniques consist almost entirely of spearphishing attacks, in which victims are sent deceptive messages with malware attachments, as well as malicious code that can infect USB drives and spread from device to device, says ESET’s Lipovsky. These relatively basic tactics have hardly evolved since the group first appeared as a threat to Ukraine in late 2013. Yet with its tireless hacking and its daily targeting of practically every Ukrainian government and military organization, as well as Ukraine’s allies in Eastern Europe, Gamaredon has proven to be a serious threat.
“People sometimes don’t know how big a part ‘persistence’ plays in the phrase,” says John Hultquist, a senior analyst at Google’s Threat Intelligence Group. “They’re just relentless. And that can be a superpower.”
In October 2024, the Ukrainian government went so far as to sentence two of Gamaredon’s hackers in absentia, not only for hacking offenses but also for treason. A statement from the SBU at the time accused the two men, neither of whom is named, of betraying their oath by voluntarily joining the FSB.
For the former SBU officers among Gamaredon’s hackers, turning on their former compatriots may not have led to the rewards they hoped for. Aside from the slog of nonstop phishing campaigns, phone communications between members of the group published by the SBU appear to show them complaining about their low wages and lack of recognition. “They should have given you medals,” one member said in the Russian-language conversation. “Once again wrapped up.”