Start your day with intelligence. Get The OODA Daily Pulse.

TeslaGun Primed to Blast a New Wave of Backdoor Cyberattacks

New data from an analysis released by Prodraft Threat Intelligence demonstrates how the Evil Corp ransomware gang, also known as TA505 and UNC2165, has expanded its cyber weapon arsenal to include TeslaGun. The cyberattack panel referred to as TeslaGun has been leveraged by the group to help conduct phishing campaigns and ServHelper backdoor campaigns.

The campaigns have targeted more than 8,000 different organizations and individuals, according to Prodraft Threat Intelligence. The majority of the malicious hacking group’s targets have been located within the US. There is some variation in locations targeted, however, the remaining targets are scattered internationally. The group has also been expanding the ServHelper backdoor malware that has been around since at least 2019. The group began to use a new version of the tool in 2021, according to security researchers at Cisco Talos. Most recently, the backdoor has been identified in attacks that drop hidden cryptominers on systems.

Read More: TeslaGun Primed to Blast a New Wave of Backdoor Cyberattacks