According to FireEye, a new threat actor with a financial motive has used many new pieces of malware to threaten several organizations in the United States and other countries.
The threat actor is identified as UNC2529 by the cybersecurity company, and it does not appear to be connected to any other recognized groups. UNC2529 used a large command and control (C&C) infrastructure, three sophisticated malware families, and custom lures to execute a phishing campaign that targeted a wide variety of organizations.
Mandiant, a FireEye incident response unit that witnessed two attack waves in December 2020, characterized the group as “experienced and well resourced”. In the first wave, the company identified 28 targeted organizations, and it claims there were at least 22 in the second wave.
To Read More: Thehackernews