LOADING
TA577 (also known as Hive0118) is a financially motivated cybercriminal threat actor active since 2020, operating as an initial access broker and malware distributor with a broad targeting footprint spanning North America, Europe, Asia-Pacific, and the Middle East. The group conducts high-volume phishing and malspam campaigns delivering malware payloads—including information stealers and ransomware—across a wide range of sectors such as finance, manufacturing, healthcare, logistics, retail, and professional services. Their primary motivation is financial gain, achieved through deploying ransomware, facilitating data theft, or selling access to compromised networks to downstream threat actors.