You searched for TA505 | SC Media

Your search for TA505 returned 11 results

Cybercrime, Malware, Phishing, Security News

TA505 phishing campaign uses HTML redirectors to spread info stealer

The cybercriminal group TA505 has reportedly changed up its tactics again, now engaging in phishing campaigns that leverage attachments with HTML redirectors in order to deliver Excel documents containing malware. Following a short period of inactivity, the group resumed activities last month with a scheme designed to get victims to install the information-stealing Trojan GraceWire,…
Security News

Change of stRATegy? Cybercrime group TA505 tests new tRAT malware

A newly discovered remote access trojan nicknamed tRAT has apparently attracted the interest of TA505, a cybercriminal group known for launching prolific banking malware and ransomware attacks. In a company blog post yesterday, researchers at Proofpoint reported observing several phishing campaigns in September and October that attempted to infect victims with the malware. One of…
Cybercrime, Finance, Malware, Security News

TA505 cybergang debuts ‘AndroMut’ downloader to deliver FlawedAmmyy RAT globally

The cybercriminal group TA505 appears to have launched two malware campaigns last June, delivering the FlawedAmmyy RAT to victims in multiple countries using the newly created downloader program AndroMut. Both campaigns infected victims using phishing emails with links for downloading Microsoft Word and Excel files, according to a July 2 blog post by Proofpoint. If…
Cybercrime, Malware, Phishing, Security News

Pied Piper phishing scheme infests victims with FlawedAmmyy, RMS RATs

The cybercriminal threat group TA505 is a key suspect in an ongoing phishing campaign that’s been attempting to infect victims with the FlawedAmmyy and Remote Manipulator (RMS) remote access trojans. Dubbed Pied Piper, the campaign was observed targeting a supplier to several well-known food chains, including Godiva Chocolates, Yogurtland and Pinkberry, according to a Nov. 29 blog…
Cybercrime, Malware, Phishing, Security News

TA505 debuts Get2 downloader and SDBbot RAT in new phishing campaigns

The cybercriminal group TA505 has developed a new downloader tool and remote access trojan (RAT), both of which were observed in a sequence of phishing campaigns that began this past September. The downloader, named Get2, has been used in campaigns to deliver a variety of secondary payloads, including the FlawedGrace and FlawedAmmyy RATs and Snatch…
Ransomware, Security News

A tale of two ransomware attacks

Two schools, two ransomware attacks and two different outcomes. The Allegheny Intermediate Unit school system was able to fend off a recent ransomware attack using backup files; meanwhile, the University of Maastricht just disclosed it paid 30 bitcoins to regain control of its encrypted computer network. Allegheny Intermediate Unit (AIU), a regional public education…
Cybercrime, Malware, Security News

Uptick in malware designed to size up targets before launching full payload

Threat actors such as the Cobalt Group and other APT gangs are using lightweight modular downloaders to scout and “fingerprint” target machines before launching their malware. Proofpoint researchers said the emergence of the AdvisorsBot and Marap malware, zero-day attacks carried out by the PowerPool group exploiting Microsoft ALPC, and Cobalt’s own custom CobInt code, indicate…
Coronavirus, Security News

Threat actors play on people’s desire to help cure Coronavirus

Much like the new cases of COVID-19 that occur daily, cybercriminals are constantly rolling out new tactics, techniques and procedures based on the pandemic. One of the newer attacks, first observed on March 7, uses a Coronavirus-themed email to spread RedLine Stealer malware. This is described as a particularly well designed, written and developed…