Gamaredon's infection chain: Spoofed emails, GammaDrop and GammaLoad

hackerworkspace@infosec.exchange

Gamaredon's infection chain: Spoofed emails, GammaDrop and GammaLoad

Gamaredon's infection chain: Spoofed emails, GammaDrop and GammaLoad

Identifier: TRR260501. Summary Investigating Gamaredon’s abuse of CVE-2025-8088, we identified a dozen waves of spearphishing emails against Ukrainian state institutions in a campaign that is still active, dating back to September 2025. These emails – spoofed or sent from compromised government accounts – deliver persistent, multi-stage VBScript downloaders that profile the infected system. In the […]

HarfangLab (harfanglab.io)

Read on HackerWorkspace: https://hackerworkspace.com/article/gamaredon-s-infection-chain-spoofed-emails-gammadrop-and-gammaload

#malware #cybersecurity #vulnerability