A new cyber group appears to have been targeting government and military organizations this past year as part of an espionage campaign, a security firm said on Wednesday.
Symantec researchers say they have discovered a new cyber group that they’ve dubbed “Gallmaker,” which has carried out highly targeted attacks against targets such as overseas embassies in an Eastern European country as well as military and defense targets in the Middle East.
Symantec says that the group is likely state-sponsored.
“Gallmaker’s activity appears to be highly targeted, with its victims all related to government, military, or defense sectors,” a Symantec blog post reads, noting that the attacks are “unlikely to be random or accidental.”
“Gallmaker’s activity points strongly to it being a cyber espionage campaign, likely carried out by a
state-sponsored group,” it continues.
Researchers at Symantec, who first detected Gallmaker’s activities in December 2017, said the most recent Gallmaker activity they’ve observed was in June 2018.
The company says Gallmaker’s attacks are difficult to observe because it uses ” ‘living off the land’ tactics