Clop ransomware uses TrueBot malware for access to networks

Security researchers have noticed a spike in devices infected with the TrueBot malware downloader created by a Russian-speaking hacking group known as Silence.

The Silence group is known for its big heists against financial institutions, and has begun to shift from phishing as an initial compromise vector.

The threat actor is also using a new custom data exfiltration tool called Teleport. Analysis of Silence’s attacks over the past months revealed that the gang delivered Clop ransomware typically deployed by TA505 hackers, which are associated with the FIN11 group.

Read more…
Source: Bleeping Computer