Port 22

Shifting Tactics: Breaking Down TA505 Groups Use of HTML, RATs and Other Techniques in Latest Campaigns

In TA505 group’s latest campaign, they started using HTML attachments to deliver malicious .XLS files that lead to downloader and backdoor FlawedAmmyy, mostly to target users in South Korea. We also touch on the latest TA505 developments, including an email stealer, their use of legitimate software and MSI Installer, and more.

The post Shifting Tactics: Breaking Down TA505 Groups Use of HTML, RATs and Other Techniques in Latest Campaigns appeared first on .