Gorgon Group APT.

Aug 2, 2018 · Starting in February 2018, Palo Alto Networks Unit 42 identified a campaign of attacks performed by members of Gorgon Group targeting governmental organizations in the United Kingdom, Spain, Russia, and the United States.

Jan 12, 2022 · All of the IOCs are available here. This late 2021 campaign leverages an in-memory infection chain to drop the AgentTesla malware on the infected computer, initiated by phishing emails.

Activities: Engages in spear-phishing

Technical analysis of some of the attacks, as well as attribution links with Pakistan actors, has already been depicted by 360 and Tuisec, in which they found interesting connections to a larger group of attackers Unit 42 researchers have been tracking, which we are calling Gorgon Group.

Analysts track these clusters using various analytic methodologies and terms such as threat groups, activity groups, and threat actors.

Jul 21, 2024 · Description: The Gorgon Group is known for its cyber espionage and cybercrime activities, targeting government institutions and businesses globally.

Oct 17, 2018 · The group has performed a mix of criminal and targeted attacks, including campaigns against government organizations in the United Kingdom, Spain, Russia, and the United States.

Groups are activity clusters that are tracked by a common name in the security community.