A previously unknown threat actor has been observed copying the tradecraft associated with the Kremlin-aligned Gamaredon hacking group in its cyber attacks targeting Russian-speaking entities. The campaign has been attributed to a threat cluster dubbed GamaCopy, which is assessed to share overlaps with another hacking group named Core Werewolf, also tracked as Awaken Likho and PseudoGamaredon.
![]()
source https://thehackernews.com/2025/01/gamacopy-mimics-gamaredon-tactics-in.html
source https://thehackernews.com/2025/01/gamacopy-mimics-gamaredon-tactics-in.html