Gamaredon APT cyber feud strikes Ukrainian entities

Threat Level – Red | Vulnerability Report
Download PDF

One of the most ubiquitous, intrusive, consistently active, and laser-focused APTs targeting Ukraine in cyberspace is the Gamaredon group, also known as the Shuckworm. Gamaredon Group has employed fast flux DNS to improve functional efficacy. Fast flux DNS pivots through multiple IPs frequently, using each for a brief time to make IP-based block listing challenging. Threat actors frequently hijack legitimate services to query IP addresses in order to avoid DNS logging for malicious domains.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox

Cyber Horizons 2025

What Last Year’s Attacks Reveal About Today’s Risks

Watch the Webinar on-demand and get a FREE copy of our Cyber Horizons 2025 report.

Our Speakers
Speaker 1

Prateek Bhajanka Global Field CISO & Former Gartner Analyst Hive Pro Inc.

Speaker 2

Ankit Mani Manager Threat Intel HiveForce Labs

Speaker 3

Sreevani Tonipe Senior Threat Researcher HiveForce Labs