Russia-Linked Gamaredon APT Starts Stealing Data From Victims Between 30 and 50 Minutes After the Initial Compromise
The Russia-linked APT group employs spear-phishing emails and messages, such as on Telegram and Signal, to trick victims into opening malicious attachments. Gamaredon uses malware and PowerShell scripts for reconnaissance and executing commands.