[Report] Legit Remote Access Tools Turn Into Threat Actors' Tools
A rising global trend has noted more sophisticated attacks launched by threat actors such as the spear-phishing campaign targeting US-based retailers detected by CyberInt in December 2018. As a result, CyberInt has been tracking various activities surrounding this and other similar attacks where legit means were used to hack international companies in the retail & financial industries over the past several months.
This report contains key research findings on the following issues:
- Recent attacks against global retailers and financial institutions attributed to TA505, a suspected Russian speaking threat group
- Group motives – financial benefits over political backing
- Group activities since 2014, distribution of high-volume malicious email campaigns, including the distribution of the “Dridex” and “Shifu” banking trojans as well as the Neutrino botnet/exploit kit and Locky ransomware
- Attacks against financial institutions in Chile, India, Italy, Malawi, Pakistan and South Korea
- Attacks against retailers in the United States
- Campaign Modus Operandi
Get the full report sent to your inbox now!