Gallium APT Group

  • 27 June 2022
  • 0 replies
Gallium APT Group
Userlevel 5
Badge +3
  • Community Manager
  • 24 replies

Researchers from Palo Alto Networks defined the PingPull RAT as a "difficult-to-detect" backdoor that leverages the Internet Control Message Protocol (ICMP) for C2 communications.
Experts also found PingPull variants that use HTTPS and TCP for C2 communications instead of ICMP.
The cyberespionage group has started targeting financial institutions and government entities in Afghanistan, Australia, Belgium, Cambodia, Malaysia, Mozambique, the Philippines, Russia, and Vietnam. Unlike past attacks, the group started using the PingPull RAT.

0 replies

Be the first to reply!