3am

Malware updated 22 days ago (2024-09-26T05:01:06.308Z)
Download STIX
Preview STIX
3AM is a new ransomware family that emerged in the cyber threat landscape, as discovered by Symantec's Threat Hunter Team in September 2023. This malicious software, written in Rust, is designed to exploit and damage computer systems, often infiltrating them without the user's knowledge through suspicious downloads, emails, or websites. Once inside, it can disrupt operations, steal personal information, or hold data hostage for ransom. The malware has adopted advanced tactics to hinder analysis and evade detection, positioning it alongside significant threats like Fog and RansomHub. One of the notable incidents involving the 3AM ransomware occurred when Kootenai Health suffered a substantial data breach. The breach impacted over 464,088 patients, with their personal information leaked by the ThreeAM (3AM) ransomware gang. The attack highlighted the potential severity of 3AM's impact, demonstrating its capability to compromise large-scale databases and expose sensitive data. The appearance of the 3AM ransomware signifies an escalating challenge in cybersecurity. As ransomware continues to evolve, organizations must remain vigilant and proactive in their defense strategies. It is crucial to maintain up-to-date security protocols, educate users about potential threats, and invest in robust cybersecurity infrastructure to mitigate the risk of such attacks.
Description last updated: 2024-09-26T04:15:28.953Z
What's your take? (Question 1 of 5)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransomware
Ransom
Malware
Symantec
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Malware
To see the evidence that has resulted in these malware associations, create a free account
Alias DescriptionAssociation TypeVotes
The Lockbit Malware is associated with 3am. LockBit is a notorious malware that operates on a ransomware-as-a-service model, which has been responsible for significant cyber attacks across the globe. One of its most high-profile targets was Boeing, from whom the LockBit gang claimed to have stolen data. This incident not only disrupted operatis related to
5
Associated Threat Actors
To see the evidence that has resulted in these threatActor associations, create a free account
Alias DescriptionAssociation TypeVotes
The Rhysida Threat Actor is associated with 3am. Rhysida, a threat actor active since May 2023, has been responsible for numerous high-profile ransomware attacks. The group is known for its use of various ransomware families, including BlackCat, Hello Kitty, Quantum Locker, Rhysida, Zeppelin, and its own eponymous program, to aid in double extortiUnspecified
2
Source Document References
Information about the 3am Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
SANS ISC
22 days ago
Recorded Future
a month ago
Securityaffairs
2 months ago
Securityaffairs
2 months ago
Securityaffairs
2 months ago
Securityaffairs
3 months ago
Securityaffairs
3 months ago
Securityaffairs
3 months ago
Securityaffairs
3 months ago
Securityaffairs
4 months ago
Securityaffairs
4 months ago
Securityaffairs
4 months ago
Securityaffairs
5 months ago
Securelist
5 months ago
Securityaffairs
5 months ago
Securityaffairs
6 months ago
Securityaffairs
6 months ago
Securityaffairs
6 months ago
Securityaffairs
7 months ago
Securityaffairs
7 months ago