Symantec Threat Intelligence – New Attack Group
Symantec Threat Intelligence – New Attack Group ‘Gallmaker’ Targets Governments and Militaries
Symantec researchers have discovered a new cyber espionage group, dubbed Gallmaker, that has waged targeted attacks against government and military organizations since December 2017 with its most recent activity observed in June 2018.
Gallmaker’s attacks are highly targeted, which strongly points to it being a cyber espionage campaign. Their targets include several overseas embassies and military and defense targets. Notably, the attack group doesn’t deploy malware in its operations but has been observed using “living off the land” tactics and publicly available hack tools to carry out attacks, making its activities extremely difficult to detect.
The group was discovered by Symantec’s Targeted Attack Analytics technology. Since its inception, TAA has detected security incidents at thousands of organisations, automating what would have taken many hours of analyst time.
To read the full Symantec Threat Intelligence Report please go to https://www.symantec.com/blogs/threat-intelligence/gallmaker-attack-group.