A cybercriminal group named TA551 has shown a substantial change in strategies by adding the open-source pentest tool Sliver to its arsenal.
According to cybersecurity firm Proofpoint, TA551 is an initial access broker recognized for sharing malware through thread hijacking. It is a method where the opponent gains access to compromised email accounts or stolen messages to make contact with its victims.
The cybercrime group was detected delivering malware previously, such as Emotet, IcedID, Qbot, and Ursnif. They were also providing ransomware operators with access to the compromised systems.
Cybercriminals are also using offensive frameworks such as Veil and Lemontree.
Source: Security Week
For more such updates follow us on Google News ITsecuritywire News