{"id":3901,"date":"2026-06-29T12:05:01","date_gmt":"2026-06-29T12:05:01","guid":{"rendered":"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/29\/gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse\/"},"modified":"2026-06-29T12:05:01","modified_gmt":"2026-06-29T12:05:01","slug":"gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse","status":"publish","type":"post","link":"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/29\/gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse\/","title":{"rendered":"Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse"},"content":{"rendered":"<div>A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025.<\/p>\n<p>Slovakian cybersecurity company ESET said it observed 35 distinct spear-phishing campaigns mounted by Gamaredon against new targets, with most of them taking place in the second half of the year. Primary targets of these<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025. Slovakian cybersecurity company ESET said it observed 35 distinct spear-phishing campaigns mounted by Gamaredon against new targets, with most of them taking place in the second half of [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-container-style":"default","site-container-layout":"default","site-sidebar-layout":"default","disable-article-header":"default","disable-site-header":"default","disable-site-footer":"default","disable-content-area-spacing":"default","footnotes":""},"categories":[90],"tags":[91],"class_list":["post-3901","post","type-post","status-publish","format-standard","hentry","category-cybersecurity","tag-cybersecurity"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse - Imperative Business Ventures Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/29\/gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse - Imperative Business Ventures Limited\" \/>\n<meta property=\"og:description\" content=\"A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025. Slovakian cybersecurity company ESET said it observed 35 distinct spear-phishing campaigns mounted by Gamaredon against new targets, with most of them taking place in the second half of [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/29\/gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse\/\" \/>\n<meta property=\"og:site_name\" content=\"Imperative Business Ventures Limited\" \/>\n<meta property=\"article:published_time\" content=\"2026-06-29T12:05:01+00:00\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/29\/gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/29\/gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"headline\":\"Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse\",\"datePublished\":\"2026-06-29T12:05:01+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/29\/gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse\/\"},\"wordCount\":70,\"keywords\":[\"Cybersecurity\"],\"articleSection\":[\"Cybersecurity\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/29\/gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse\/\",\"url\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/29\/gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse\/\",\"name\":\"Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse - Imperative Business Ventures Limited\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/#website\"},\"datePublished\":\"2026-06-29T12:05:01+00:00\",\"author\":{\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/29\/gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/29\/gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/29\/gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.ibvl.in\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.ibvl.in\/#website\",\"url\":\"https:\/\/blog.ibvl.in\/\",\"name\":\"Imperative Business Ventures Limited\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.ibvl.in\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\/\/blog.ibvl.in\"],\"url\":\"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse - Imperative Business Ventures Limited","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/29\/gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse\/","og_locale":"en_US","og_type":"article","og_title":"Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse - Imperative Business Ventures Limited","og_description":"A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025. Slovakian cybersecurity company ESET said it observed 35 distinct spear-phishing campaigns mounted by Gamaredon against new targets, with most of them taking place in the second half of [&hellip;]","og_url":"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/29\/gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse\/","og_site_name":"Imperative Business Ventures Limited","article_published_time":"2026-06-29T12:05:01+00:00","author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/29\/gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse\/#article","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/29\/gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse\/"},"author":{"name":"admin","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"headline":"Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse","datePublished":"2026-06-29T12:05:01+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/29\/gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse\/"},"wordCount":70,"keywords":["Cybersecurity"],"articleSection":["Cybersecurity"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/29\/gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse\/","url":"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/29\/gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse\/","name":"Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse - Imperative Business Ventures Limited","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/#website"},"datePublished":"2026-06-29T12:05:01+00:00","author":{"@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"breadcrumb":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/29\/gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.ibvl.in\/index.php\/2026\/06\/29\/gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/06\/29\/gamaredon-expands-ukraine-attacks-with-new-malware-and-cloud-service-abuse\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.ibvl.in\/"},{"@type":"ListItem","position":2,"name":"Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse"}]},{"@type":"WebSite","@id":"https:\/\/blog.ibvl.in\/#website","url":"https:\/\/blog.ibvl.in\/","name":"Imperative Business Ventures Limited","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.ibvl.in\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/blog.ibvl.in"],"url":"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/"}]}},"_links":{"self":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/3901","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/comments?post=3901"}],"version-history":[{"count":0,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/3901\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/media?parent=3901"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/categories?post=3901"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/tags?post=3901"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}