Remote access Trojan (RAT) tool has been seen making a comeback with multiple attacker groups targeting financial services, healthcare, defense, and telecommunications industries. FireEye says it has seen cyberespionage actors behind the [email protected], th3bug, and menuPass, campaigns all using Poison Ivy in their attacks. The eight-year-old RAT is most infamous for its use in the 2011 data breach of RSA’s SecurID data, as well as in the Nitro targeted attack campaign.”]
Source: https://www.darkreading.com/attacks-breaches/poison-ivy-trojan-just-won-t-die