Russia-Linked TA505 Back at Targeting Financial Institutions

Russia-linked threat actor TA505 has been observed using a lightweight Office file for malware distribution in a new campaign targeting financial institutions in multiple geographies.

The attacks target organizations across multiple sectors in Canada, the United States, Hong Kong, Europe, and more, and have seen low detection rates in Google’s VirusTotal scanning engine.