Proofpoint: Hackers testing new reconnaissance malware on financial institutions
Hackers appear to be testing a new strain of malicious software in phishing emails sent to commercial banks and other targets, researchers from the security vendor Proofpoint said in a report published Thursday. The malware, dubbed tRat, employs modular capabilities, meaning it infiltrates a target for reconnaissance purposes and maintains the ability to download malicious payloads in the future. Proofpoint says tRat is being used by a group known as TA505, and another unidentified threat actor that used tRat as recently as October. Researchers say they haven’t observed the remote access trojan (RAT) being used to download any other malware to victims’ systems, so purpose of this campaign remains unclear. “[W]e can only speculate on what the eventual capabilities of the RAT may be,” Chris Dawson, threat intelligence lead at Proofpoint, told CyberScoop in an email. Proofpoint describes TA505 as a financially motivated threat group that has been involved in distributing […]
The post Proofpoint: Hackers testing new reconnaissance malware on financial institutions appeared first on Cyberscoop.
Continue reading Proofpoint: Hackers testing new reconnaissance malware on financial institutions