Threat Landscape Dashboard

Assessing today's threats and the relationships between them

Operation At It Again

The TA505 threat group targeted multiple countries across the globe with updated versions of the FlawedAmmyy RAT and ServHelper backdoor. The initial infection vector was spear-phishing emails that contained either a malicious link or attachment. The groups recent campaigns also changed to using .ISO image attachments and a .NET downloader to carry out the attacks.
Name Modified Date Sources
Operation At It Again 2019-09-13