NAME:
Gorgon
Alias:
Gorgon Group, Gorgon
Description:
Gorgon Group is a threat group whose members are suspected to be based in Pakistan or to have other connections to Pakistan. Palo Alto reported a mix of criminal and targeted attacks carried out by this group, including campaigns against government organizations in the United Kingdom, Spain, Russia, and the United States.
According to analysis by the QiAnXin Threat Intelligence Center, Gorgon Group may be linked to Pakistani actors and related to ProjectM.
References:
https://researchcenter.paloaltonetworks.com/2018/08/unit42-gorgon-group-slithering-nation-state-cybercrime/
https://researchcenter.paloaltonetworks.com/2017/10/unit42-tracking-subaat-targeted-phishing-attacks-point-leader-threat-actors-repository/
https://ti.qianxin.com/blog/articles/analysis-of-office-ole-sample/
https://paper.tuisec.win/detail/eaff0936fcdaaa6