Security News > 2022 > February > Researchers discover common threat actor behind aviation and defense malware campaigns
Researchers discover common threat actor behind aviation and defense malware campaigns.
Security researchers at Proofpoint have announced their discovery of a common threat actor behind attacks reported by Cisco Talos, Microsoft and others, and they say that the group has been active since at least 2017.
"Typically, its malware campaigns include hundreds to thousands of messages. Campaigns impact hundreds of organizations globally, with recurring targets in North America, Europe and the Middle East. Messages are nearly always in English," the report said.
Files containing malicious scripts that download malware are a common technique, and Proofpoint said that TA2541 has used that method in past campaigns.
"Proofpoint assesses with high confidence this threat actor will continue using the same tactics, techniques and procedures observed in historic activity with minimal change to its lure themes, delivery and installation," the report said.
Also See Share: Researchers discover common threat actor behind aviation and defense malware campaigns.