Intel Name: From russia with a 71′: uncovering gamaredon’s fast flux infrastructure
Date of Scan: April 7, 2025
Impact: High
Summary: Gamaredon—also known as Primitive Bear, Actinium, or Shuckworm—is a Russian Advanced Persistent Threat (APT) group active since at least 2013. While historically targeting the US and Indian Subcontinent, their recent focus has shifted toward Ukraine, including attacks on Western government entities. Unlike typical hit-and-run APT operations, Gamaredon conducts persistent, highly obfuscated, and notably aggressive campaigns. Their tactics reflect a bold and sustained approach uncommon among other threat actors.
