TA578

TA578, a threat actor that Proofpoint researchers have been tracking since May of 2020. TA578 has previously been observed in email-based campaigns delivering Ursnif, IcedID, KPOT Stealer, Buer Loader, BazaLoader, and Cobalt Strike.

References

• proofpoint.com

Actor metadata imported from Malpedia (Fraunhofer FKIE).