"Truebot Malware Activity Increases With Possible Evil Corp Connections"

Security researchers at Cisco Talos have discovered that threat group Silence has been infecting an increasing number of devices using Truebot malware.  The researchers suggest that there is a connection between Silence and the infamous hacking group Evil Corp (tracked by Cisco as TA505).  According to an advisory published on Thursday, the campaigns observed by the researchers have resulted in the creation of two botnets: one with infections distributed worldwide (particularly in Mexico and Brazil) and a more recent one focused on the US.  The researchers noted that while they don't have enough information to say that there is a specific focus on a sector, they noticed a number of compromised education sector organizations.  One of the researchers, Tiago Pereira, believes Truebot to be a precursor to other threats that are known to have been responsible for attacks leading to high losses.   The researchers stated that Silence is not simply expanding its targets but also advancing from using malicious emails as its primary delivery method to new techniques.

Infosecurity reports: "Truebot Malware Activity Increases With Possible Evil Corp Connections"