An Encounter With TA551/Shathak

The Recon incident response team recently responded to a case of business email compromise. ┬áThe incident spanned over seven months of potential dwell time, and included the unraveling of encrypted malware hidden in an image file. Our analysis attributed the incident to a threat group known as TA551/Shathak, known…