Outpost24’s Blueliv Labs has announced it has found the infamous TA505 threat actor has resurfaced with a new dangerous RAT variant – named GraceWrapper by Outpost24’s threat researchers.
TA505 is a financially motivated threat actor group believed to have been operating for almost a decade. In more recent years, it is believed that the group is responsible for operating the Clop ransomware after compromising corporate networks by using a variety of remote administration malware such as SDBbot, FlawedAmmy and FlawedGrace, which were downloaded via Get2, Gelup or Mirrorblast. Over time, the group have become more sophisticated by adopting a diverse set of tactics, techniques and procedures (TTPs).
Outpost24’s outpost24 research gracewrapper ta505 threat businesses
