TA578TA578

Also known as: TA578

Known aliases
1

Profile

TA578, a threat actor that Proofpoint researchers have been tracking since May of 2020. TA578 has previously been observed in email-based campaigns delivering Ursnif, IcedID, KPOT Stealer, Buer Loader, BazaLoader, and Cobalt Strike.

Aliases· 1

TA578

Compliance frameworks testing this (incoming)1

TypeTargetConfidenceTier
ComplianceControlcra-art14100%live

References

  1. https://www.proofpoint.com/us/blog/threat-insight/bumblebee-is-still-transforming

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
TA579
Actor
TA577
Actor
TA547
Actor
TA558
Actor
TA571
Actor
TA575
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.