Zydeca Cass, Axel F, Crista Giering, Matthew Mesa, Georgi Mladenov, and Brandon Murphy
The prominent TA505 has returned to distributing large volumes of malicious emails affecting most industries.
New tools include a KiXtart Loader, the MirrorBlast loader, an updated FlawedGrace variant, and updated malicious Excel attachments.
One of the region-specific campaigns targeted German-speaking countries, notably Germany and Austria.
The campaigns share many similarities with TA505 …