Father
Professional
- Messages
- 2,602
- Reaction score
- 763
- Points
- 113
Hackers targeted the hotel, finance and manufacturing industries.
A cybercrime group known as TA558 has launched a massive phishing campaign targeting a wide range of industries in Latin America to distribute the Venom RAT malware.
The main targets of the attacks were the hotel, travel, trade, finance, manufacturing, industry and government structures in Spain, Mexico, the United States, Colombia, Portugal, Brazil, the Dominican Republic and Argentina.
Active since 2018, the TA558 group has a rich history of attacking organizations in the Latin American region using various types of malware, such as Loda RAT, Vjw0rm, and Revenge RAT.
According to Idan Tarab, a researcher at Perception Point, the latest infection chain uses phishing emails as an initial access vector to spread Venom RAT, an advanced version of Quasar RAT that can steal confidential data and remotely control systems.
The disclosure of information about this threat occurred at about the same time when researchers observed the active use of the DarkGate malware downloader by intruders. One EclecticIQ researcher noted that groups using ransomware are increasingly using DarkGate for the initial penetration and distribution of various types of malware in corporate networks, including information theft programs, ransomware programs, and remote management tools.
A cybercrime group known as TA558 has launched a massive phishing campaign targeting a wide range of industries in Latin America to distribute the Venom RAT malware.
The main targets of the attacks were the hotel, travel, trade, finance, manufacturing, industry and government structures in Spain, Mexico, the United States, Colombia, Portugal, Brazil, the Dominican Republic and Argentina.
Active since 2018, the TA558 group has a rich history of attacking organizations in the Latin American region using various types of malware, such as Loda RAT, Vjw0rm, and Revenge RAT.
According to Idan Tarab, a researcher at Perception Point, the latest infection chain uses phishing emails as an initial access vector to spread Venom RAT, an advanced version of Quasar RAT that can steal confidential data and remotely control systems.
The disclosure of information about this threat occurred at about the same time when researchers observed the active use of the DarkGate malware downloader by intruders. One EclecticIQ researcher noted that groups using ransomware are increasingly using DarkGate for the initial penetration and distribution of various types of malware in corporate networks, including information theft programs, ransomware programs, and remote management tools.
