Group: RTM

From enterprise
Jump to: navigation, search
ID G0048
Aliases RTM

RTM is a cybercriminal group that has been active since at least 2015 and is primarily interested in users of remote banking systems in Russia and neighboring countries. The group uses a Trojan by the same name (RTM).1

Alias Descriptions

  • RTM - 1

Techniques Used

  • Web Service - RTM has used an RSS feed on Livejournal to update a list of encrypted C2 server names.1