TA505 APT Group Returns With New Techniques: Report

2020-02-03 18:48

TA505 - a sophisticated advanced persistent threat group that has targeted financial companies and retailers in several countries, including the U.S. - has returned with a campaign that uses HTML redirectors to deliver malicious Excel documents, according to Microsoft and other security researchers.

This threat group is believed to have caused over $100 million in losses over the years, according to the U.S. Treasury Department, which published a report about the group in December when it issued sanctions against some of its members.

Over the years, TA505 has been known to deploy new techniques when it starts a new spam or phishing campaign.

In its latest campaign, TA505 also uses HTML written in different languages, and the attackers deploy an IP trace-back service to track addresses of machines that download the malicious Excel file, according to Microsoft.

Security firm Prevailion has also published a new report that describes new activity associated with TA505.

News URL

https://www.inforisktoday.com/ta505-apt-group-returns-new-techniques-report-a-13678

#APT #aptgroup #report

News URL

Related news