GALLIUM, is a threat actor believed to be targeting telecommunication providers over the world, mostly South-East Asia, Europe and Africa. To compromise targeted networks, GALLIUM target unpatched internet-facing services using publicly available exploits and have been known to target vulnerabilities in WildFly/JBoss.
Also known as
Red Dev 4, Alloy Taurus, Granite Typhoon, PHANTOM PANDA, Operation Soft Cell.
References
Actor metadata imported from Malpedia (Fraunhofer FKIE).