Introduction
TA578 is a threat actor that has used contact forms and email to initiate communications with victims and to distribute malware including Latrodectus, IcedID, and Bumblebee. [3][2]
Activities and Tactics
Information pending cataloguing.
Notable Campaigns
Information pending cataloguing.
Tactics, Techniques, and Procedures (TTPs)
- T1204.001 Malicious Link
- T1594 Search Victim-Owned Websites
- T1583.006 Web Services
- T1059.007 JavaScript
Notable Indicators of Compromise (IOCs)
No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.
Malware and Tools
- Archelaus Beta
- Cobalt Strike
MITRE ATT&CK Software
Attribution and Evidence
Information pending cataloguing.
References
[1] mitre-attack
[2] Bitsight Latrodectus June 2024: Batista, J. (2024, June 17). Latrodectus, are you coming back? Retrieved September 13, 2024.
[3] Latrodectus APR 2024: Proofpoint Threat Research and Team Cymru S2 Threat Research. (2024, April 4). Latrodectus: This Spider Bytes Like Ice. Retrieved May 31, 2024.