TA547 targets German organizations with Rhadamanthys malware

Proofpoint researchers observed a threat actor, tracked as TA547, targeting German organizations with an email campaign delivering the Rhadamanthys malware.

TA547 is a financially motivated threat actor that has been active since at least November 2017, it was observed conducting multiple campaigns to deliver a variety of Android and Windows malware, including DanaBot, Gootkit, Lumma stealer, NetSupport RAT, Ursnif, and ZLoader. The group also operates as an initial access broker (IAB) and targets various geographic regions.

Read More on Security Affairs