
GAMEFISH

Posted: June 10, 2019

GAMEFISH is one of the hacking tools used by the Fancy Bear APT group, cybercriminals who have been operating since 2004 and are likely to have ties to the Russian government. Since Fancy Bear is likely to be a government-sponsored group, it is no surprise that its primary targets are foreign politicians and other high-profile targets. One of the relevant attacks that took advantage of the GAMEFISH downloader targeted French politicians before the 2018 French presidential elections.

GAMEFISH is believed to be used as a first-stage payload that can collect system and network information about the compromised host, as well as receive commands that instruct it to connect to a remote server and then download and execute a secondary payload. It is known to be used frequently in combination with Downdelph, Xagent, XTunnel or Usbstealer. All of these are part of Fancy Bear’s hacking toolkit, which consists mostly of privately developed malware.

Fancy Bear tends to reuse a lot of its software, so we are going to see more action from GAMEFISH at some point in the future. Of course, it is also likely that the group will improve the downloader to gain more relevant system details, as well as to minimize the chances that anti-virus software will stop it.
