For this week's Interesting Threat Byte, we bring you Happy Holidays from TA505! TA505 is the designation for Threat Actor 505, one of the most prolific threat actors observed by Proofpoint. TA505 was responsible for the largest Dridex, Locky, Jaff and The Trick campaigns. Due to the variety of malware delivered by this group, demonstrates their deep connections to the underground malware scene.
Read more >
Proofpoint has been watching TA505 for quite some time and has data dating back to 2014 when they launched their first Dridex campaign. When TA505 changes their tactics, other threat actors tend to follow. Just in time for the holidays, Proofpoint has noticed that TA505 is sending out fewer ransomware campaigns and instead focusing on smaller more targeted attacks. Why you ask? The value of cryptocurrency has dropped significantly, leading to threat actors looking for new and creative ways to get money from unsuspecting victims.