TA866  (Back to overview)

According to Proofpoint, TA866 is a newly identified threat actor that distributes malware via email utilizing both commodity and custom tools. While most of the activity observed occurred since October 2022, Proofpoint researchers identified multiple activity clusters since 2019 that overlap with TA866 activity. Most of the activity recently observed by Proofpoint suggests recent campaigns are financially motivated, however assessment of historic related activities suggests a possible, additional espionage objective.

Associated Families

There are currently no families associated with this actor.

2023-02-08ProofpointAxel F
Screentime: Sometimes It Feels Like Somebody's Watching Me
WasabiSeed TA866

Credits: MISP Project