TA578

MISP

Type:
Unknown

Country:
Unknown

First seen:
Unknown

Details:

TA578, a threat actor that Proofpoint researchers have been tracking since May of 2020. TA578 has previously been observed in email-based campaigns delivering Ursnif, IcedID, KPOT Stealer, Buer Loader, BazaLoader, and Cobalt Strike.

MITRE ATT&CK: View on MITRE

Techniques Used (4)

ID	ATT&CK	Tactics
T1059.007	JavaScript	-
T1204.001	Malicious Link	-
T1583.006	Web Services	-
T1594	Search Victim-Owned Websites	-

References (1)

proofpoint.com - Bumblebee Is Still Transforming

Related Malware (3)

Bumblebee
other

IcedID
other

Latrodectus
other

Metadata

ID:	364
Created:	13/01/2026 17:48
Updated:	07/03/2026 04:00