TA505 Hacker Group Deploys Sneaky RMS Tool in Phishing Campaign
The TA505 hacker group has launched a new phishing campaign targeting Russian users. They are using a Remote Management System (RMS) executable to trick victims into downloading malware disguised as banned applications like ExpressVPN, WeChat, and Skype. The hackers take advantage of the scarcity of online applications in Russia to exploit unsuspecting users. The RMS tool allows the hackers to gain remote access and control over victims' devices. This campaign is part of a growing trend of phishing attacks using restricted applications to deceive users. The TA505 group is known for their sophisticated tactics and has a history of deploying ransomware attacks. The resurgence of the RMS tool in their campaign highlights their adaptability and cunning tactics.