TA505 Group's TeslaGun In-Depth Analysis
TA505 is a financially motivated threat group that has been active since 2014. The group frequently changes its malware attack strategies in response to global cybercrime trends. It opportunistically adopts new technologies in order to gain leverage over victims before the wider cybersecurity industry catches on.
This report explains how TA505 enables and manages these attacks through its ”TeslaGun” control panel. The PRODAFT Threat Intelligence (PTI) team identified the group’s control panel and used it to glean insight into how the organization works.