Likely state hackers make do with ‘living off the land’ and going after tardy Office patchers
A newly discovered spy gang is eschewing boutique attack tools to instead use publicly available exploits against unpatched systems.
Known as Gallmaker, the cyber-espionage group is said to be targeting the embassies of an unnamed eastern European country and military defense installations in the Middle East. According to researchers at Symantec today, the crew has been operating since December of last year, relying entirely on code scraped from the public internet. We’re told the gang are “likely” to be backed by an unnamed government.