Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-06 02:57:34 UTC
Home > List all groups > List all tools > List all groups using tool GnatSpy
 Tool: GnatSpy
Names GnatSpy
Category Malware
Type Backdoor, Info stealer
Description
(Trend Micro) The capabilities of GnatSpy are similar to early versions of VAMP.
However, there have been some changes in its behavior that highlight the increasing
sophistication of this particular threat actor.
The structure of the new GnatSpy variants is very different from previous variants. More
receivers and services have been added, making this malware more capable and modular.
We believe this indicates that GnatSpy was designed by someone with more knowledge in
good software design practices compared to previous authors.
Information
Malpedia AlienVault OTX Last change to this tool card: 28 December 2021
Download this tool card in JSON format
All groups using tool GnatSpy
Changed Name Country Observed
APT groups
 Desert Falcons [Gaza] 2011-Oct 2023
1 group listed (1 APT, 0 other, 0 unknown)
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=317172df-e1b1-4816-aa5a-4b3504e123b6
Page 1 of 2

Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=317172df-e1b1-4816-aa5a-4b3504e123b6
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=317172df-e1b1-4816-aa5a-4b3504e123b6
Page 2 of 2

APT groups Desert Falcons [Gaza] 2011-Oct 2023
1 group listed (1 APT, 0 other, 0 unknown) 
   Page 1 of 2