Ongoing ITG05 operations leverage evolving malware arsenal in global campaigns
A recent report details that the threat actor group ITG05 has been conducting phishing campaigns targeting entities in Europe the Caucasus Central Asia and the Americas since late 2023. The group has introduced new techniques like search-ms protocol abuse and WebDAV servers to deploy backdoors like MASEPIE and OCEANMAP. ITG05 continues evolving tactics to steal sensitive data.