The breach of outsourcing firm Wipro is a cybercriminal operation using tools common to red teams and penetration testers, an analysis says. The group behind the breach has links to a phishing campaign that focuses on gathering credentials to gain access to corporate sites for administering gift card and reward programs. The attackers used ScreenConnect, a remote access tool (RAT) and Powerkatz, a post-exploitation tool often used by red teams, says Flashpoint. The company’s compromised systems have apparently been used as a jumping-off point to attempt to infiltrate the networks of at least 11 clients.”]
Source: https://www.darkreading.com/attacks-breaches/attackers-used-red-team-pen-testing-tools-to-hack-wipro