Wednesday, October 27, 2021

TA575/Dridex

The BlackBerry® Research & Intelligence team has been tracking and monitoring Cobalt Strike team servers associated with the threat actor TA575, a financially motivated cybercrime group and prolific Dridex affiliate. The group is well known for conducting mass spam campaigns that use malicious document lures to deliver malware such as Dridex, Qakbot, and WastedLocker.

Since February 2021, TA575 have deployed over 50 Cobalt Strike team servers. These servers use unique values in their configurations…
