TA551 Returns with Word Document that Pushes Qakbot
released on 2021-01-27 @ 07:10:02 PM
Late last week, security researcher Brad Duncan saw new samples of Word documents from TA551 (Shathak) pushing malware. This actor was active up through 2020-12-18 pushing IcedID malware before going on break for the holidays. Now that it's returned, TA551 has been pushing Qakbot (Qbot) malware instead of IcedID.