Decoding TA4903: Exploring the Dual Objectives of a Unique Cyber Threat Actor

DISCARDED: Tales From the Threat Research Trenches - A podcast by Proofpoint

Categories:

Today’s focus is on the elusive threat actor known as TA4903. But that's not all - we've got a special treat for you as well. Our longtime producer, Mindy, is joining us as a co-host, bringing her expertise and insights to the table, as we turn the mic around and interview, Selena! We explore recent research conducted by Selena and her team on TA4903’s distinct objectives. Unlike many cybercrime actors, TA4903 demonstrates a unique combination of tactics, targeting both high-volume credential phishing campaigns and lower-volume direct business email compromises.We also dive into:TA4903 spoofs government entities like the Department of Transportation and the Department of Labor to lure victimsUse of advanced techniques including evil proxy for multi-factor authentication token theft and QR codes for phishing campaignsRising trends in cryptocurrency-related scams and other financial fraudsResources mentioned:MFA Bypass (Blog) by Timothy KromphardtIC3 2023 FBI Report New TA4903 research: https://www.proofpoint.com/us/blog/threat-insight/ta4903-actor-spoofs-us-government-small-businesses-phishing-bec-bidsFor more information, check out our website.