TA2722

Description

(Proofpoint) Proofpoint identified a new and highly active cybercriminal threat actor, TA2722, colloquially referred to by Proofpoint threat researchers as the Balikbayan Foxes. Throughout 2021, a series of campaigns impersonated multiple Philippine government entities including the Department of Health, the Philippine Overseas Employment Administration (POEA), and the Bureau of Customs. Other related campaigns masqueraded as the Manila embassy for the Kingdom of Saudi Arabia (KSA) and DHL Philippines. The messages were intended for a variety of industries in North America, Europe, and Southeast Asia, with the top sectors including Shipping, Logistics, Manufacturing, Business Services, Pharmaceutical, Energy, and Finance.

Names

Name	Name-Giver
TA2722	Proofpoint
Balikbayan Foxes	Proofpoint

Country

Unknown

Motivation

Information theft and espionage

First Seen

2020

Observed Sectors

Observed Countries

Tools

Information

https://www.proofpoint.com/us/blog/threat-insight/new-threat-actor-spoofs-philippine-government-covid-19-health-data-widespread

Other Information

Uuid

6b9f8bf4-afdf-4ff4-bc59-9dc4f9dea767

Last Card Change

2021-11-04

Threat Intelligence Garden

Explorer

TA2722

TA2722

Description

Names

Country

Motivation

First Seen

Observed Sectors

Observed Countries

Tools

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks