News

Gamaredon Abuses Telegram To Target Ukrainian Government Organizations

  • 24 January 2023
  • 0 replies
  • 1 view
Gamaredon Abuses Telegram To Target Ukrainian Government Organizations
Badge +1

The Gamaredon APT group was discovered targeting Ukrainian government entities using the Telegram messaging service to avoid traditional network detection.
The Telegram messaging application was used in several stages, from victim profiling to delivering the final payload.
The initial infection vector was weaponized spear-phishing documents written in the Russian and Ukrainian languages.
The threat actor exploited a remote template injection vulnerability to compromise adversarial infrastructure with malware and bypass Microsoft Word macro protection.
After the malicious document was opened, the malware downloaded a Visual Basic script from a specific address which connected to a Telegram account to get additional instructions.


0 replies

Be the first to reply!

Reply