Hackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop Malware

December 8, 2024

The threat actor known as Gamaredon has been observed leveraging Cloudflare Tunnels as a tactic to conceal its staging infrastructure hosting a malware called GammaDrop.
The activity is part of an ongoing spear-phishing campaign targeting Ukrainian entities since at least early 2024 that’s designed to drop the Visual Basic Script malware, Recorded Future’s Insikt Group said in a new analysis.

About The Author

See author's posts

Post Views: 3

Categories

Leave a Reply Cancel reply

Related Stories

ESET APT Activity Report Q2 2024–Q3 2024: Key findings

Firefox and Windows zero days chained to deliver the RomCom backdoor

Kathryn Thornton: Correcting Hubble’s vision | Starmus Highlights

AF themes

You may have missed

ESET APT Activity Report Q2 2024–Q3 2024: Key findings

Kathryn Thornton: Correcting Hubble’s vision | Starmus Highlights

Firefox and Windows zero days chained to deliver the RomCom backdoor

Bootkitty: Analyzing the first UEFI bootkit for Linux

About AF themes

Recent Posts

Connect with Us

About The Author

Leave a Reply Cancel reply

Related Stories

ESET APT Activity Report Q2 2024–Q3 2024: Key findings

Firefox and Windows zero days chained to deliver the RomCom backdoor

Kathryn Thornton: Correcting Hubble’s vision | Starmus Highlights

You may have missed

ESET APT Activity Report Q2 2024–Q3 2024: Key findings

Kathryn Thornton: Correcting Hubble’s vision | Starmus Highlights

Firefox and Windows zero days chained to deliver the RomCom backdoor

Bootkitty: Analyzing the first UEFI bootkit for Linux