Uptime Hamster: 1d 9h 16mDeploy: 13 Jul 2026 10:50Updated: 2026-07-13
Logo del actor de amenaza Gallmaker

Gallmaker

1 incidentes 1 paises 0 sectores apt null Ultimo: 2026-05-25
Aliases: symantec-enterprise-blogs
Ver en IntelTracker → APTTrail →
Gallmaker is a cyber espionage group that first emerged in December 2017, distinguishing itself by exclusively employing living-off-the-land (LotL) tactics and publicly available tools rather than custom malware to evade detection. This approach allows them to operate stealthily within victim environments, using native Windows features and scripts. The group's primary motivation is cyber espionage, consistently targeting government, military, and defense sectors globally, particularly focusing on unnamed Eastern European countries and entities in the Middle East. Identified by MITRE ATT&CK as G0084, Gallmaker is assessed with high confidence to be a state-sponsored entity due to its highly targeted nature and consistent operational focus.

Aliases del actor

symantec-enterprise-blogs

Actores similares

symantecactor · 1
Motivacion