"Gamaredon Group Launches Cyberattacks Against Ukraine Using Telegram"
Gamaredon, a Russian state-sponsored cyber espionage group, has maintained its digital aggression against Ukraine, with new operations involving the popular messaging app Telegram to target the country's military and law enforcement. The BlackBerry Research and Intelligence Team stated that the Gamaredon group's network infrastructure relies on multi-stage Telegram accounts for victim profiling and validation of geographic location, and then takes the victim to the next stage server for the final payload. This strategy to infect target systems is said to be new. Since at least 2013, Gamaredon, also known as Actinium, Armageddon, Iron Tilden, Primitive Bear, Shuckworm, Trident Ursa, and Winterflounder, has been notorious for its attacks against Ukrainian entities. This article continues to discuss the Gamaredon group's attack chains.
