G0092

G0092TA505

Description

[TA505](https://attack.mitre.org/groups/G0092) is a cyber criminal group that has been active since at least 2014. [TA505](https://attack.mitre.org/groups/G0092) is known for frequently changing malware, driving global trends in criminal malware distribution, and ransomware campaigns involving [Clop](https://attack.mitre.org/software/S0611).(Citation: Proofpoint TA505 Sep 2017)(Citation: Proofpoint TA505 June 2018)(Citation: Proofpoint TA505 Jan 2019)(Citation: NCC Group TA505)(Citation: Korean FSI TA505 2020)

References

  1. https://attack.mitre.org/groups/G0092
  2. https://www.fsec.or.kr/user/bbs/fsec/163/344/bbsDataView/1382.do?page=1&column=&search=&searchSDate=&searchEDate=&bbsDataCategory=
  3. https://securityintelligence.com/posts/ta505-continues-to-infect-networks-with-sdbbot-rat/
  4. https://www.proofpoint.com/us/threat-insight/post/threat-actor-profile-ta505-dridex-globeimposter
  5. https://www.proofpoint.com/us/threat-insight/post/ta505-shifts-times
  6. https://www.proofpoint.com/us/threat-insight/post/servhelper-and-flawedgrace-new-malware-introduced-ta505
  7. https://research.nccgroup.com/2020/11/18/ta505-a-brief-history-of-their-time/

Software attributed to this2

TypeTargetConfidenceTier
SoftwareSDBbots0461100%live
SoftwareGet2s046095%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Group
TA459
Group
TA551
Group
FIN10
Group
APT12
Group
APT32
Group
Sowbug
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.