TI Mindmap HUB
Threat Intelligence Report

FSB’s matryoshka #3/3 – Gamaredon’s gifts that keeps unpacking – GammaSteel

📅 June 4, 2026 📰 blog.sekoia.io 🔍 0 CVE(s) referenced

Gamaredon, a Russian FSB-operated cyberespionage group, has deployed a highly resilient, modular, and nearly fileless malware arsenal—leveraging advanced obfuscation, Windows-native features, and legitimate cloud infrastructure—to stealthily exfiltrate sensitive Ukrainian data while maintaining persistent, covert access and rapid adaptability.

vendor

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap
🎯 IOC Extraction
⚔️ MITRE ATT&CK TTPs
📦 STIX 2.1 Bundle