The cybercriminal threat group TA505 is a key suspect in an ongoing phishing campaign that's been attempting to infect victims with the FlawedAmmyy and Remote Manipulator (RMS) remote access trojans.

Dubbed Pied Piper, the campaign was observed targeting a supplier to several well-known food chains, including Godiva Chocolates, Yogurtland and Pinkberry, according to a Nov. 29 blog post from Michael Gorelik, CTO and vice president of research and development at Morphisec, whose researchers uncovered the threat. "We can only assume others could also be hit soon, if the C&C servers aren't disabled," Gorelik said in the report.

Known to specialize in banking malware and ransomware, TA505 has recently displayed a growing interest in RAT malware, as evidenced by a similar report this month from Proofpoint, which linked TA505 to a a newly discovered remote access trojan nicknamed tRAT.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.