[Report] Legit Remote Access Tools Turn Into Threat Actors' Tools

A rising global trend has noted more sophisticated attacks launched by threat actors such as the spear-phishing campaign targeting US-based retailers detected by CyberInt in December 2018. As a result, CyberInt has been tracking various activities surrounding this and other similar attacks where legit means were used to hack international companies in the retail & financial industries over the past several months. 


This report contains key research findings on the following issues:

  • Recent attacks against global retailers and financial institutions attributed to TA505, a suspected Russian speaking threat group
  • Group motives – financial benefits over political backing
  • Group activities since 2014, distribution of high-volume malicious email campaigns, including the distribution of the “Dridex” and “Shifu” banking trojans as well as the Neutrino botnet/exploit kit and Locky ransomware
  • Attacks against financial institutions in Chile, India, Italy, Malawi, Pakistan and South Korea
  • Attacks against retailers in the United States
  • Campaign Modus Operandi

Get the full report sent to your inbox now!

Download the full report today!