Evil Corp, the internationally acclaimed group of cyber criminals, is back in news for having links to the Silence Group developed new malware called ‘TrueBot’. The malware’s primary motive is to steal money and to launch DDoS attacks.
Cisco Talos, the cyber arm of networking giant Cisco, tracked Truebot as an invention to TA505 and concluded that the threat actors were focusing on distributing infection worldwide, after achieving success in infecting firms in the United States- mainly those linked to the education sector.
If Botnets’ count is considered, researchers from Cisco Talos have classified them into two categories. The first one has about 1000 systems on its radar and has succeeded in infecting systems mostly in Pakistan, India, Brazil, and Mexico. Means, they are targeting only the developing nation in their new campaign. The second set of botnets has a count of about 500 devices targeting US-based companies.
As Truebot has capabilities to transmit data through its Teleport tool, it is also caught stealing data, while remaining anonymous in its actions.
Talos findings confirm that Silence Group having a history of targeting only banks and other financial institutions might have developed Truebot malware to focus more on educational institutions for student data and research records on syllabi
NOTE- EVIL Corp that has a history of developing Dridex malware has a network of money mules, who receive money from victims and criminals and then transfer it to the attacker. Apparently, the group appears to be having links with Russia, as its founder Maksim Yakubets is the native of the Putin led nation.