This group's activity was first observed in November 2013. It leverages a banking Trojan more commonly known as Shylock which aims to compromise online banking credentials and credentials related to Bitcoin wallets.
No exploited CVEs have been attributed to this threat actor yet.
Browse CVE Database