Home Resources Blog New Threat Group Conducts Malwareless Cyber Espionage

New Threat Group Conducts Malwareless Cyber Espionage

Cybercriminals seeking to avoid detection by antimalware defenses have increasingly begun using legitimate hacking tools and tactics — in addition to their own malware — to break into enterprise networks and literally hide in plain sight. Now a new and likely state-sponsored threat group has emerged that isn’t using any custom malware at all.

Instead, the group is exclusively relying on publicly available hacking tools and living-off-the-land tactics to conduct an especially stealthy and hard-to-detect cyber espionage campaign.

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

Symantec, which was the first to spot the group, has named it Gallmaker.

The group’s modus operandi has been to send Office lure documents to individuals at targeted organizations which when opened give the attackers a way to remotely execute commands in the victim system’s memory using Microsoft’s Office Dynamic Data Exchange (DDE) protocol.

Once on a system, the attackers have then been executing various tools in memory on the victim system, making their activities hard to spot and to stop.

Graphic of locks and binary code representing cybersecurity themes.

Read more: Dark Reading

Latest Articles

Cloud Security
Why C-Suite Executives Are Switching from VPNs to ZTNA

Hybrid workforces and cloud-first strategies have exposed the cracks in VPNs. Designed for simpler times, these legacy tools now create more problems than they solve. They slow your team down, leave security gaps, and make scaling a headache. How do you secure remote access without these hurdles? The answer is Zero Trust Network Access (ZTNA). […]

29th April, 2025
Web Security
Weak Defences: The Most Hackable Sports Passwords

We get it. Thinking of another password that you haven’t used before can be frustrating – especially when we have to change or update our passwords so regularly. But while it might be tempting to use your favourite sports teams and clubs as passwords, it’s a risky move for your cyber security.  Using unique passwords […]

7th April, 2025
Web Security
Solving Network Security Issues for Rapidly Growing Global Businesses

Introduction Ryohin Keikaku is a global manufacturing and retail company that handles everything from product planning to sales for products known as “Mujirushi-Ryohin” in Japan and “MUJI” overseas. To keep pace with its rapid expansion—adding 100 new stores annually in Japan—and its growing global presence, now spanning 225 locations across 20 countries, including 50 stores […]

3rd April, 2025
Back to Resources

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.

    GlobalDots' industry expertise proactively addressed structural inefficiencies that would have otherwise hindered our success. Their laser focus is why I would recommend them as a partner to other companies

    Marco Kaiser
    Marco Kaiser

    CTO

    Legal Services

    GlobalDots has helped us to scale up our innovative capabilities, and in significantly improving our service provided to our clients

    Antonio Ostuni
    Antonio Ostuni

    CIO

    IT Services

    It's common for 3rd parties to work with a limited number of vendors - GlobalDots and its multi-vendor approach is different. Thanks to GlobalDots vendors umbrella, the hybrid-cloud migration was exceedingly smooth

    Motti Shpirer
    Motti Shpirer

    VP of Infrastructure & Technology

    Advertising Services