TA505, a sophisticated advanced persistent threat group, is now using legitimately signed certificates to disguise malware that can penetrate banking networks, researchers say. The group is known to have carried out attacks in North America, Asia, Africa and South America. The use of legitimate certificates to hide malware takes the group’s activity up a notch in terms of sophistication and stealth. The same type of certificate was used to spread a version of the LockerGoga ransomware earlier this year, according to security reports.”]
Source: https://www.cuinfosecurity.com/ta505-group-hides-malware-in-legitimate-certificates-a-12417