Alias Description | Votes |
---|---|
Conti is a possible alias for Bl00dy. Conti is a notorious type of malware, specifically ransomware, that infiltrates computer systems to steal data and disrupt operations. The malicious software often spreads through suspicious downloads, emails, or websites, and once inside, it can hold data hostage for ransom. The Conti ransomware op | 3 |
The Bl00dy Ransomware Gang is a possible alias for Bl00dy. The Bl00dy ransomware gang, a threat actor that began operations in May 2022, is known for its malicious activities, which include exploiting vulnerabilities and using double extortion techniques against targeted organizations. This group has been observed to leverage the ScreenConnect Remote Code E | 2 |
Associated Malware Description | Association Type | Votes |
---|---|---|
The Black Basta Malware is associated with Bl00dy. Black Basta is a notorious malware and ransomware group known for its high-profile attacks on various sectors. The group, also known as Storm-0506, has been active since at least early 2022 and has accumulated over $107 million in Bitcoin ransom payments. It deploys malicious software to exploit vul | Unspecified | 5 |
The Lockbit Malware is associated with Bl00dy. LockBit is a notorious malware that operates on a ransomware-as-a-service model, which has been responsible for significant cyber attacks across the globe. One of its most high-profile targets was Boeing, from whom the LockBit gang claimed to have stolen data. This incident not only disrupted operat | Unspecified | 5 |
The Truebot Malware is associated with Bl00dy. Truebot is a malicious software (malware) utilized by the CL0P actors, designed to exploit and damage computer systems. This malware can infiltrate systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, Truebot serves multiple purposes: it can dow | Unspecified | 2 |
The Buhti Malware is associated with Bl00dy. Buhti is a malicious software, or malware, that was first highlighted by Palo Alto Networks Unit 42 in February 2023. It is a Golang ransomware targeting Linux systems. The Buhti ransomware operation was further detailed by Symantec’s Threat Hunter Team in May of the same year. Its payload included | Unspecified | 2 |
The Hive Malware is associated with Bl00dy. Hive is a malicious software (malware) known for its ransomware capabilities, which has been highly active in numerous countries, including the US. This malware infects systems often through suspicious downloads, emails, or websites, disrupting operations and stealing personal information. Notably, | Unspecified | 2 |
The Lockbit Black Malware is associated with Bl00dy. LockBit Black, also known as LockBit 3.0, is a malicious software that emerged in early 2022 following the release of its predecessor, LockBit 2.0 (or LockBit Red) in mid-2021. The malware has been developed to exploit and damage computer systems by encrypting files, often leading to ransom demands | Unspecified | 2 |
Associated Threat Actor Description | Association Type | Votes |
---|---|---|
The Blackmatter Threat Actor is associated with Bl00dy. BlackMatter is a recognized threat actor in the cybersecurity industry, notorious for its malicious activities and the execution of ransomware attacks. The group initially operated as DarkSide, responsible for the high-profile Colonial Pipeline attack in May 2021, which led to significant attention | Unspecified | 2 |
The Hunters International Threat Actor is associated with Bl00dy. Hunters International is a threat actor group believed to be based in Russia, which has gained prominence in the cybersecurity landscape due to its malicious activities. The group is known for executing sophisticated ransomware attacks, leveraging a tool identified as SharpRhino to gain persistence | Unspecified | 2 |
Associated Vulnerability Description | Association Type | Votes |
---|---|---|
The CVE-2023-27350 Vulnerability is associated with Bl00dy. CVE-2023-27350 represents a significant software vulnerability in PaperCut MF/NG, identified as an improper access control flaw. This weakness allows attackers to bypass authentication processes, providing them with the ability to execute code with system privileges. The vulnerability was first upda | Unspecified | 4 |
The CVE-2024-1709 Vulnerability is associated with Bl00dy. CVE-2024-1709 is a critical vulnerability in the ConnectWise ScreenConnect software that allows for an authentication bypass. This flaw can enable a remote non-authenticated attacker to bypass the system's authentication process and gain full access. The issue was identified by Sophos Rapid Response | Unspecified | 3 |
The CVE-2024-1708 Vulnerability is associated with Bl00dy. CVE-2024-1708 is a high-severity path traversal vulnerability that was discovered in ConnectWise's ScreenConnect software. This flaw, which affects versions 23.9.7 and earlier, allows a remote privileged user to read arbitrary files on the system using a specially crafted HTTP request. ConnectWise d | Unspecified | 2 |
Source | CreatedAt |
---|---|
Securityaffairs | 2 months ago |
Securityaffairs | 2 months ago |
Securityaffairs | 3 months ago |
Securityaffairs | 3 months ago |
Securityaffairs | 3 months ago |
Securityaffairs | 3 months ago |
Securityaffairs | 4 months ago |
Securityaffairs | 4 months ago |
Securityaffairs | 4 months ago |
Securityaffairs | 5 months ago |
Securityaffairs | 5 months ago |
Securityaffairs | 6 months ago |
Securityaffairs | 6 months ago |
Securityaffairs | 6 months ago |
Securityaffairs | 7 months ago |
Securityaffairs | 7 months ago |
Securityaffairs | 7 months ago |
CERT-EU | 7 months ago |
Malwarebytes | 7 months ago |
CERT-EU | 7 months ago |