TA551 campaign expands across multiple victims
Campaign
Summary
Hide ▲
Show ▼
The TA551 / Mario Kart operation ran a massive spam-email malware campaign that spread infections worldwide and enabled later access sales to ransomware crews. At peak, it could send 700,000 emails a day and infect about 3,000 computers per day. The scale of the botnet made it a durable delivery channel for follow-on criminal activity.
Related Happenings
Microsoft civil action against Fox Tempest infrastructure takedown
Regulatory/Legal Action
First: 19.05.2026 18:00
Last: 19.05.2026 18:00
Sources 1
About this happening:
Microsoft filed a **civil action** against **Fox Tempest** in the **US District Court for the Southern District of New York**, securing a **court order** that enabled a broad disr...
Microsoft civil action against Fox Tempest infrastructure takedown
Regulatory/Legal ActionAbout this happening: Microsoft filed a **civil action** against **Fox Tempest** in the **US District Court for the Southern District of New York**, securing a **court order** that enabled a broad disr...
Interpol Operation Ramz cybercrime crackdown in MENA
Law Enforcement
First: 18.05.2026 17:00
Last: 18.05.2026 17:00
Sources 1
About this happening:
**INTERPOL**'s **Operation Ramz** led to **more than 200 arrests** across the **Middle East and North Africa**, with law enforcement also identifying **382 additional suspects** i...
Interpol Operation Ramz cybercrime crackdown in MENA
Law EnforcementAbout this happening: **INTERPOL**'s **Operation Ramz** led to **more than 200 arrests** across the **Middle East and North Africa**, with law enforcement also identifying **382 additional suspects** i...
Cyber-enabled cargo theft is surging across transportation and logistics in 2025
Target Trend
First: 30.04.2026 19:32
Last: 30.04.2026 19:32
Sources 1
About this happening:
**Cyber-enabled cargo theft** is surging across **transportation and logistics**, driving nearly **$725 million** in estimated losses in the **U.S. and Canada** and materially inc...
Cyber-enabled cargo theft is surging across transportation and logistics in 2025
Target TrendAbout this happening: **Cyber-enabled cargo theft** is surging across **transportation and logistics**, driving nearly **$725 million** in estimated losses in the **U.S. and Canada** and materially inc...
Brazilian ISP botnet DDoS campaign
Campaign
First: 30.04.2026 17:04
Last: 30.04.2026 17:04
Sources 1
About this happening:
The **Brazilian ISP botnet DDoS campaign** has been linked to a **Brazil-based threat actor** that repeatedly hit **Brazilian network operators** over several years. The operation...
Brazilian ISP botnet DDoS campaign
CampaignAbout this happening: The **Brazilian ISP botnet DDoS campaign** has been linked to a **Brazil-based threat actor** that repeatedly hit **Brazilian network operators** over several years. The operation...
APT28 FrostArmada DNS hijacking and AitM credential theft campaign
Campaign
First: 07.04.2026 18:51
Last: 07.04.2026 18:51
Sources 1
About this happening:
A multinational disruption effort has taken down **FrostArmada**, an **APT28** campaign that hijacked router DNS settings to steal **Microsoft account credentials** and OAuth toke...
APT28 FrostArmada DNS hijacking and AitM credential theft campaign
CampaignAbout this happening: A multinational disruption effort has taken down **FrostArmada**, an **APT28** campaign that hijacked router DNS settings to steal **Microsoft account credentials** and OAuth toke...
Timeline
-
25.03.2026 10:47 2 articles · 2mo ago
TA551/Mario Kart sentencing disclosure
Initial DisclosureRussian national Ilya Angelov was sentenced to two years in prison after admitting he co-managed the Mario Kart/TA551 spam botnet, which prosecutors said ran from 2017 to 2021, sent up to 700,000 phishing emails a day, and helped deliver BitPaymer ransomware against over 70 U.S. companies, generating over $14 million in extortion payments.
Show sources
- Manager of botnet used in ransomware attacks gets 2 years in prison — www.bleepingcomputer.com — 25.03.2026 10:47
- Russian Cybercriminal Gets 2-Year Prison Sentence in US — www.securityweek.com — 25.03.2026 16:30