ID | Votes | Profile Description |
---|---|---|
Carberp | 1 | Carberp is a notable malware that has been widely used and modified by various threat actors. Its source code, which was leaked in 2013, has become the basis for a multitude of other malicious software due to its sophisticated design and capabilities. The malware can infiltrate systems through dubio |
ADVSTORESHELL | 1 | None |
ID | Type | Votes | Profile Description |
---|---|---|---|
CORESHELL | Unspecified | 1 | CORESHELL is a variant of Sofacy malware used by threat actors to compromise systems and steal sensitive information. Malware like CORESHELL can infect computer systems through suspicious downloads, emails, or websites. Once inside, it can disrupt operations, steal personal information, or hold da |
Xagent | Unspecified | 1 | XAgent is a sophisticated malware developed by the Sofacy group, also known as APT28 or Fancy Bear. This malicious software was added to the group's arsenal in 2013, alongside other backdoors and tools such as CORESHELL, SPLM (also known as Xagent or CHOPSTICK), JHUHUGIT, AZZY, and others. XAgent is |
Splm | Unspecified | 1 | SPLM, also known as XAgent or CHOPSTICK, is a sophisticated malware variant deployed by the Sofacy group. The group, notorious for its cyber espionage campaigns, expanded its arsenal in 2013, adding SPLM among other backdoors and tools such as CORESHELL, JHUHUGIT, AZZY, and more. These campaigns hav |
JHUHUGIT | Unspecified | 1 | JHUHUGIT is a type of malware that was used in Sofacy attacks as a first-stage implant. It became relatively popular and was also used with a Java zero-day in July 2015. The Sofacy group, which utilized JHUHUGIT, expanded their arsenal in 2013 by adding more backdoors and tools, including CORESHELL, |
ID | Type | Votes | Profile Description |
---|---|---|---|
Sofacy | Unspecified | 1 | Sofacy is a threat actor group that has been observed using multiple languages to create variants of the Zebrocy Trojan and Cannon. In one campaign, they relied heavily on filenames to lure victims into launching weaponized documents. The group packed only Delphi variants in an attempt to increase e |
APT28 | Unspecified | 1 | APT28, also known as Fancy Bear, is a threat actor linked to Russia and has been involved in numerous cyber espionage campaigns. The group is notorious for its sophisticated tactics, techniques, and procedures (TTPs). Recently, NATO and the EU formally condemned APT28's activities, acknowledging the |
Sofacy Group | Unspecified | 1 | The Sofacy Group, also known as APT28, Fancy Bear, Pawn Storm, Sednit, BlueDelta, and STRONTIUM, is a significant threat actor in the global cybersecurity landscape. Active since at least 2007, this group has targeted governments, militaries, and security organizations worldwide. The group's activit |
Source | CreatedAt | Title |
---|---|---|
MITRE | a year ago | Sofacy APT hits high profile targets with updated toolset |