| ID | Votes | Profile Description |
|---|---|---|
| Conti | 5 | Conti is a notorious malware and ransomware operation that has caused significant damage to computer systems worldwide. The Conti group, believed to have around 200 employees, operated like a regular business, with internal communications revealing the organization's structure and operations. It was |
| QakBot | 4 | Qakbot is a type of malware that has been linked to various cybercriminal activities, with its presence first observed as early as 2020. It gained notoriety for its role in the operations of the Black Basta ransomware group, which used Qakbot extensively in sophisticated phishing campaigns. The malw |
| Clop | 3 | Clop, also known as Cl0p, is a notorious ransomware group responsible for several high-profile cyberattacks. The group specializes in exploiting vulnerabilities in software and systems to gain unauthorized access, exfiltrate sensitive data, and then extort victims by threatening to release the stole |
| Blacksuit | 3 | BlackSuit is a highly potent and malicious ransomware that emerged as an evolution of the previously identified Royal ransomware, which was active from September 2022 through June 2023. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued joint alerts indicating t |
| Pikabot | 2 | PikaBot is a malicious software (malware) known for providing initial access to infected computers, enabling ransomware deployments, remote takeovers, and data theft. It's part of an array of malware families such as IcedID, Qakbot, Gozi, DarkGate, AsyncRAT, JinxLoader, among others, which have been |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Royal Ransomware | Unspecified | 4 | The Royal Ransomware, a harmful malware program designed to exploit and damage computer systems, operated from September 2022 through June 2023. It employed multi-threaded encryption to disrupt operations and hold data hostage for ransom. The ransomware was primarily disseminated through suspicious |
| Ryuk | Unspecified | 3 | Ryuk is a type of malware known as ransomware, which has been utilized by the threat group ITG23 for several years. This group has been notorious for crypting their malware, with crypters seen in use with other malware such as Trickbot, Emotet, Cobalt Strike, and Ryuk. In 2019, most ransomware inves |
| Akira | Unspecified | 3 | Akira is a malicious software or malware that has been causing significant damage to various organizations and systems worldwide. The ransomware, known for its persistent and harmful attacks, has successfully infiltrated numerous systems, often without the knowledge of the users, disrupting operatio |
| Cactus | Unspecified | 3 | Cactus is a malicious software (malware) that infiltrates systems to exploit and damage them. This malware, often delivered through suspicious downloads, emails, or websites, can steal personal information, disrupt operations, or hold data hostage for ransom. Cactus has been used in several high-pro |
| Hive | Unspecified | 3 | Hive is a malicious software (malware) that has been used by the cybercriminal group, Hunters International, to launch ransomware attacks since October of last year. The group operates as a ransomware-as-a-service (RaaS) provider, spreading Hive rapidly through collaborations with less sophisticated |
| Karakurt | Unspecified | 2 | Karakurt is a malicious software (malware) utilized by cybercriminals for data theft and extortion. It was revealed as the data extortion arm of the Conti cybercrime syndicate, with links to ITG23 affiliates. Karakurt has been associated with numerous attacks, including those carried out by Quantum, |
| Blackbasta Ransomware | Unspecified | 2 | BlackBasta is a ransomware-type malware, designed to infiltrate systems undetected and hold data hostage in exchange for ransom. Originating from Russian-speaking regions, this malicious software has been linked to numerous high-profile cyber attacks. The group behind BlackBasta has demonstrated its |
| REvil | Unspecified | 2 | REvil is a type of malware, specifically ransomware, that has been linked to significant cyber attacks. It emerged as part of the Ransomware as a Service (RaaS) model that gained popularity in 2020. This model established relationships between first-stage malware and subsequent ransomware attacks, s |
| Ghost Clown | Unspecified | 2 | Ghost Clown is a malware entity that has been implicated in the deployment of malicious software, specifically ransomware strains like BlackBasta and Conti. This previously undetected ransomware group, along with another affiliate named Space Kook, were identified by anti-ransomware company Halcyon. |
| Black Basta | Unspecified | 2 | Black Basta is a notorious malware group known for its ransomware activities. The group has been active since at least early 2022, during which time it has accumulated an estimated $107 million in Bitcoin ransom payments. It leverages malicious software to infiltrate and exploit computer systems, of |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Alphv | Unspecified | 7 | Alphv is a threat actor group known for its malicious activities in the cyber world. They have been particularly active in deploying ransomware attacks, with one of their most significant actions being the theft of 5TB of data from Morrison Community Hospital. This act not only disrupted hospital op |
| Bianlian | Unspecified | 3 | BianLian is a significant threat actor within the cybersecurity landscape, known for its malicious activities and cyber-attacks. The group has been particularly active in exploiting bugs in JetBrains TeamCity, a popular continuous integration and deployment system used by software development teams. |
| Space Kook | Unspecified | 2 | Space Kook is a threat actor, or malicious entity, identified in the cybersecurity industry for its involvement in ransomware operations. Named after a villain from Scooby Doo, Space Kook was first linked to malicious activities by Halcyon's analysis, which showed connections to an initial access br |
| FIN7 | Unspecified | 2 | FIN7, a prominent threat actor in the cybercrime landscape, has been noted for its malicious activities and innovative tactics. Known for their relentless attacks on large corporations, FIN7 recently targeted a significant U.S. carmaker with phishing attacks, demonstrating their continued evolution |
| Preview | Source Link | CreatedAt | Title |
|---|---|---|---|
| InfoSecurity-magazine | 4 days ago | Active Ransomware Groups Surge by 56% in 2024 | |
| InfoSecurity-magazine | 8 days ago | Published Vulnerabilities Surge by 43% | |
| Securityaffairs | a month ago | SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 6 | |
| Securityaffairs | a month ago | security-affairs-malware-newsletter-round-5 | |
| DARKReading | 9 months ago | Feds Snarl ALPHV/BlackCat Ransomware Operation | |
| Securityaffairs | 2 months ago | Security Affairs Malware Newsletter - Round 3 | |
| Securityaffairs | 2 months ago | Security Affairs Malware Newsletter - Round 3 | |
| Securityaffairs | 2 months ago | Security Affairs Malware Newsletter - Round 2 | |
| Securityaffairs | 2 months ago | Security Affairs Malware Newsletter - Round 1 | |
| Securityaffairs | 2 months ago | Operation Morpheus took down 593 Cobalt Strike servers used by threat actors | |
| InfoSecurity-magazine | 2 months ago | Ransomware Attack Demands Reach a Staggering $5.2m in 2024 | |
| Securityaffairs | 2 months ago | Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION | |
| Securityaffairs | 3 months ago | Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION | |
| Securityaffairs | 3 months ago | Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION | |
| Securityaffairs | 3 months ago | A ransomware attack on Synnovis impacted several London hospitals | |
| Securityaffairs | 3 months ago | Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION | |
| Securityaffairs | 4 months ago | OmniVision disclosed a data breach after the 2023 Cactus ransomware attack | |
| Securityaffairs | 4 months ago | Blackbasta group claims to have hacked Atlas, one of the largest US oil distributors | |
| BankInfoSecurity | 4 months ago | Breach Roundup: Kimsuky Serves Linux Trojan | |
| Securityaffairs | 4 months ago | Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION |