;

TA505 launches fresh attacks on financial organizations in Singapore, UAE and U.S.

TA505 launches fresh attacks on financial organizations in Singapore, UAE and U.S.

The TA505 group began the campaign last month through tens of thousands of malicious emails, according to researchers at cybersecurity company Proofpoint.

The new code is the latest innovation from the group, which is one of the more prolific and adept financially motivated cybercrime organizations. The Windows-based Locky, which emerged in 2016, yielded more than $200 million in ransom payments at its height, according to one estimate.

This time, the group is deploying a new piece of malware to download an old remote access tool (RAT) that could have let it steal credentials from a target computer, Proofpoint said. The malware was downloaded in quarantined environments and not at customer sites, meaning there is no evidence that it compromised target networks, said Chris Dawson, threat intelligence lead at Proofpoint.

admin

Read Previous

Senate passes cybersecurity bill to decrease grid digitization, move toward manual control

Read Next

Facebook’s Libra Cryptocurrency: A Technical Deep Dive

Leave a Reply

Your email address will not be published. Required fields are marked *