SYMBOLCOMMON_NAMEaka. SYNONYMS

TA578  (Back to overview)


TA578, a threat actor that Proofpoint researchers have been tracking since May of 2020. TA578 has previously been observed in email-based campaigns delivering Ursnif, IcedID, KPOT Stealer, Buer Loader, BazaLoader, and Cobalt Strike.


Associated Families

There are currently no families associated with this actor.


References
2022-04-28ProofpointKelsey Merriman, Pim Trouerbach
@online{merriman:20220428:this:4b5ea2a, author = {Kelsey Merriman and Pim Trouerbach}, title = {{This isn't Optimus Prime's Bumblebee but it's Still Transforming}}, date = {2022-04-28}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/bumblebee-is-still-transforming}, language = {English}, urldate = {2022-04-29} } This isn't Optimus Prime's Bumblebee but it's Still Transforming
BumbleBee TA578 TA579

Credits: MISP Project