ServHelper and FlawedGrace - New malware introduced by TA505
released on 2019-01-10 @ 09:23:32 AM
For much of 2018, we observed threat actors increasingly distributing downloaders, backdoors, information stealers, remote access Trojans (RATs), and more as they abandoned ransomware as their primary payload. In November 2018, TA505, a prolific actor that has been at the forefront of this trend, began distributing a new backdoor we named ServHelper.