SYMBOLCOMMON_NAMEaka. SYNONYMS

TA575  (Back to overview)


TA575 is a Dridex affiliate tracked by Proofpoint since late 2020. This group distributes malware such as Dridex, Qakbot, and WastedLocker via malicious URLs, Office attachments, and password-protected files. On average, TA575 distributes almost 4,000 messages per campaign impacting hundreds of organizations.


Associated Families

There are currently no families associated with this actor.


References
2021-10-28ProofpointAxel F, Selena Larson
TA575 Uses ‘Squid Game’ Lures to Distribute Dridex malware
DoppelDridex TA575
2021-08-19BlackberryBlackBerry Research & Intelligence Team
BlackBerry Prevents: Threat Actor Group TA575 and Dridex Malware
Cobalt Strike Dridex TA575
2021-06-16ProofpointDaniel Blackford, Garrett M. Graff, Selena Larson
The First Step: Initial Access Leads to Ransomware
BazarBackdoor Egregor IcedID Maze QakBot REvil Ryuk TrickBot WastedLocker TA570 TA575 TA577

Credits: MISP Project