Description
[TA578](https://attack.mitre.org/groups/G1038) is a threat actor that has used contact forms and email to initiate communications with victims and to distribute malware including [Latrodectus](https://attack.mitre.org/software/S1160), [IcedID](https://attack.mitre.org/software/S0483), and [Bumblebee](https://attack.mitre.org/software/S1039). (Citation: Latrodectus APR 2024) (Citation: Bitsight Latrodectus June 2024)
Techniques Used (TTPs)
- T1204.001 — Malicious Link (execution)
- T1594 — Search Victim-Owned Websites (reconnaissance)
- T1583.006 — Web Services (resource-development)
- T1059.007 — JavaScript (execution)
Total TTPs: 4
Malware & Tools
Malware: Bumblebee, IcedID, Latrodectus