TA505 launches fresh attacks on financial organizations in Singapore, UAE and U.S.
Far from a one-trick pony, TA505’s recent documented activity hasn’t involved ransomware as the group has looked for other ways to make money.
TA505 hackers thwarted at the door of a big financial org
“[T]he malware was signed mere hours prior to the attack – an indication of the operation’s deliberate timeline and nature," a Cybereason researcher said.
Proofpoint: Hackers testing new reconnaissance malware on financial institutions
Proofpoint suggests that tRat is part of a trend of malware becoming more modular in order to provide attackers with more value in the long haul.