Who needs custom malware? ‘Govt-backed’ Gallmaker spy crew uses off-the-shelf wares

Likely state hackers make do with ‘living off the land’ and going after tardy Office patchers

By Shaun Nichols  10 Oct 2018


A newly discovered spy gang is eschewing boutique attack tools to instead use publicly available exploits against unpatched systems.


Known as Gallmaker, the cyber-espionage group is said to be targeting the embassies of an unnamed eastern European country and military defense installations in the Middle East. According to researchers at Symantec today, the crew has been operating since December of last year, relying entirely on code scraped from the public internet. We’re told the gang are “likely” to be backed by an unnamed government.


Full Article.

Take a look at the best antivirus, anti-malware, anti-spy, etc. software