Threat Actor updated 4 months ago (2024-05-04T18:38:38.353Z)
ITG08 is a notable threat actor in the cybersecurity landscape, known for its malicious activities and strategic partnerships with other threat actors. This group has been linked to a series of attacks through Tactics, Techniques, and Procedures (TTPs) consistent with their known modus operandi. While these TTPs alone are not sufficient to attribute all activity to ITG08, they align closely with the group's known actions. X-Force IRIS, an incident response and intelligence service, has encountered these TTPs in several attacks that were attributed to ITG08.
The group's partnership with the TrickBot gang exemplifies their strategic approach to cybercrime. This collaboration provides ITG08 with new malware tools, potential access to enterprises infected with the TrickBot Trojan, and further evidence of their strategy to partner with other threat actors and malware developers. The use of TrickBot's Anchor malware framework by ITG08 demonstrates the group's adaptability and its commitment to adopting new malware to maintain its illicit activities.
Moreover, ITG08 has been identified using a backdoor known as "More_eggs," according to past analysis by X-Force IRIS. This further underscores the group's persistent efforts to exploit vulnerabilities and infiltrate systems. In summary, ITG08 represents a significant threat to cybersecurity due to its sophisticated tactics, strategic partnerships, and constant evolution of malware usage.
Description last updated: 2023-10-11T00:09:03.449Z
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you may also want to look at.
Profile Description
FIN6, also known as ITG08, Skeleton Spider, and MageCart, is a notorious threat actor that has been implicated in various cybercrime activities. The group gained notoriety for stealing credit cards through point-of-sale (POS) systems in retail and hospitality establishments, most notably in the Home
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Source Document References
Information about the ITG08 Threat Actor was read from the documents corpus below.
Created At | Title
2 years ago | ITG08 (aka FIN6) Partners With TrickBot Gang, Uses Anchor Framework
2 years ago | More_eggs, Anyone? Threat Actor ITG08 Strikes Again
a year ago | Meet 'Jack' from Romania! Mastermind Behind Golden Chickens Malware