‘The notorious gang is back’ all Gmail and Outlook users warned as red flag in inbox can reveal if you’re a target


CYBERSECURITY experts have warned about a dangerous malware that has reappeared.

Following a nine-month absence, a malicious software dubbed TA866 is now back.


Experts have warned about a resurfaced malwareCredit: Getty

The malware was spotted back in action by cybersecurity researchers from Proofpoint.

Proofpoint says TA866 sent several thousand emails with subjects such as “Project achievements” to targets in North America.

The emails featured a PDF attachment that contained OneDrive URLs and looked like this: “Document_[10 digits].prf”

If clicked, these links “initiated a multi-step infection chain eventually leading to the malware payload,” Proofpoint said in its report.

Malware is a malicious file or code that can infect your smartphone, desktop, or laptop.

This software can steal sensitive information from your devices, including banking accounting.

This particular malware is a variant of the WasabiSeed and Screenshotter custom toolset. 

Basically, TA866 can spy on victim activity via screenshots before installing a bot and stealer.

The malware has been active since October 2022 and continued into January 2023, and now 2024.

Proofpoint observed campaigns primarily targeting organizations in the United States.

However, researchers also noticed sporadic attacks in countries like Germany.


For starters, it’s important always to keep your device updated with the latest software.

These updates provide patches that can fix security holes that malware can exploit.

You should also avoid installing apps from unofficial system stores, and even then, do your research.

Furthermore, you should never download anything from strange emails, pop-up windows, or suspicious-looking websites.

It’s also important to install an antivirus on your device so it can scan for malware.