Threat Landscape Dashboard

Assessing today's threats and the relationships between them

Operation Government Imposter

The TA2101 threat group targeted a range of sectors in Germany, Italy, and the United States with spear-phishing emails that contained a malicious Microsoft Word document. The spoofed emails were sent from multiple senders that appeared to come from various entities including the German Federal Ministry of Finance, the Italian Revenue Agency, and the United States Postal Service. Malware used during the operation included the IcedID banking Trojan, Maze ransomware, and Cobalt Strike.
Name Modified Date Sources
Operation Government Imposter 2019-12-16