Symantec Uncovers New Cyber Espionage Group Targeting Government, Military and Defense Sectors

MOUNTAIN VIEW, Calif.–(BUSINESS WIRE)–Nov 8, 2018–Symantec Corp. (NASDAQ: SYMC), the world’s leading cyber security company, has discovered a previously unknown attack group with the help of Symantec’s artificial intelligence-based Targeted Attack Analytics (TAA) technology. Dubbed Gallmaker, Symantec researchers discovered the group targets government and military organizations, including several overseas embassies of an Eastern European country and military and defense targets in the Middle East.

Gallmaker shuns malware to compromise organizations, instead relying on publicly available hack tools and software already installed on targeted computers. Such techniques, known as living off the land, have become increasingly popular for attackers, as they can be difficult for traditional security tools to detect. Gallmaker notably sends a Microsoft Office document that would be of interest to the organizations it seeks to compromise, exploiting an unsecure protocol in Office to gain access to victim machines, thus infiltrating their network. The group has been

... read more at: