VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

TA4922 Expands Phishing: Attacks Target UK, Germany, Italy and South Africa

TA4922 расширяет фишинг: атаки на Великобританию, Германию, Италию и ЮАР

Colleagues — TA4922 has expanded phishing campaigns targeting the UK, Germany, Italy and South Africa (Proofpoint).

What happened:
- Using HR/business lures to harvest credentials, perpetrate fraud and deliver malware: AtlasRAT, ValleyRAT, RomulusLoader, SilentRunLoader.
- Techniques: DLL side‑loading, theft of Chrome data (passwords, cookies) and migrating conversations to LINE/WhatsApp/Teams to evade defenses.
- Actor likely financially motivated; tools may also enable surveillance; campaigns are rapidly scaling.

Why it matters: threat activity is increasing — strengthen email security and monitor external communication channels.

Which mitigations do you prioritise?

#cybersecurity #phishing #incident #APT

Latest comments

No comments yet.