TAG-150 is a rapidly evolving threat actor deploying a sophisticated multi-tiered infrastructure and new custom malware, including the novel CastleRAT, with potential links to Play Ransomware operations. The group emphasizes stealth and evasion, utilizing various file-sharing and anonymization services to enhance operational security.
Latest mentioned: 09-09
Earliest mentioned: 09-05