ID | Votes | Profile Description |
---|---|---|
Conti | 5 | Conti is a notorious malware and ransomware operation that has caused significant damage to computer systems worldwide. The Conti group, believed to have around 200 employees, operated like a regular business, with internal communications revealing the organization's structure and operations. It was |
QakBot | 4 | Qakbot is a type of malware that has been linked to various cybercriminal activities, with its presence first observed as early as 2020. It gained notoriety for its role in the operations of the Black Basta ransomware group, which used Qakbot extensively in sophisticated phishing campaigns. The malw |
Clop | 3 | Clop is a form of malware, specifically ransomware, known for its disruptive and damaging capabilities. It is designed to infiltrate systems through various means such as suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside a system, Clop can steal personal informati |
Blacksuit | 3 | BlackSuit is a highly potent and malicious ransomware that emerged as an evolution of the previously identified Royal ransomware, which was active from September 2022 through June 2023. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued joint alerts indicating t |
Pikabot | 2 | PikaBot is a malicious software (malware) known for providing initial access to infected computers, enabling ransomware deployments, remote takeovers, and data theft. It's part of an array of malware families such as IcedID, Qakbot, Gozi, DarkGate, AsyncRAT, JinxLoader, among others, which have been |
ID | Type | Votes | Profile Description |
---|---|---|---|
Akira | Unspecified | 4 | Akira is a malicious software known for its persistent and damaging attacks on various systems. This ransomware has been active since at least 2023, as reported by Sophos, and it operates by infiltrating systems often through suspicious downloads, emails, or websites, encrypting data, and demanding |
Royal Ransomware | Unspecified | 4 | The Royal Ransomware, a harmful malware program designed to exploit and damage computer systems, operated from September 2022 through June 2023. It employed multi-threaded encryption to disrupt operations and hold data hostage for ransom. The ransomware was primarily disseminated through suspicious |
Cactus | Unspecified | 3 | Cactus is a malicious software (malware) that infiltrates systems to exploit and damage them. This malware, often delivered through suspicious downloads, emails, or websites, can steal personal information, disrupt operations, or hold data hostage for ransom. Cactus has been used in several high-pro |
Ryuk | Unspecified | 3 | Ryuk is a type of malware known as ransomware, which has been utilized by the threat group ITG23 for several years. This group has been notorious for crypting their malware, with crypters seen in use with other malware such as Trickbot, Emotet, Cobalt Strike, and Ryuk. In 2019, most ransomware inves |
Hive | Unspecified | 3 | Hive is a malicious software (malware) that has been used by the cybercriminal group, Hunters International, to launch ransomware attacks since October of last year. The group operates as a ransomware-as-a-service (RaaS) provider, spreading Hive rapidly through collaborations with less sophisticated |
REvil | Unspecified | 2 | REvil is a type of malware, specifically ransomware, that has been linked to significant cyber attacks. It emerged as part of the Ransomware as a Service (RaaS) model that gained popularity in 2020. This model established relationships between first-stage malware and subsequent ransomware attacks, s |
Blackbasta Ransomware | Unspecified | 2 | BlackBasta is a ransomware-type malware, designed to infiltrate systems undetected and hold data hostage in exchange for ransom. Originating from Russian-speaking regions, this malicious software has been linked to numerous high-profile cyber attacks. The group behind BlackBasta has demonstrated its |
Ghost Clown | Unspecified | 2 | Ghost Clown is a malware entity that has been implicated in the deployment of malicious software, specifically ransomware strains like BlackBasta and Conti. This previously undetected ransomware group, along with another affiliate named Space Kook, were identified by anti-ransomware company Halcyon. |
Black Basta | Unspecified | 2 | Black Basta is a notorious malware group known for its ransomware activities. The group has been active since at least early 2022, during which time it has accumulated an estimated $107 million in Bitcoin ransom payments. It leverages malicious software to infiltrate and exploit computer systems, of |
Karakurt | Unspecified | 2 | Karakurt is a malicious software (malware) utilized by cybercriminals for data theft and extortion. It was revealed as the data extortion arm of the Conti cybercrime syndicate, with links to ITG23 affiliates. Karakurt has been associated with numerous attacks, including those carried out by Quantum, |
ID | Type | Votes | Profile Description |
---|---|---|---|
Alphv | Unspecified | 7 | Alphv, a notable threat actor in the cybersecurity landscape, has been identified as the perpetrator behind several high-profile ransomware attacks. The group, also known as BlackCat, has demonstrated significant capabilities and adaptability, evolving from a standalone entity to a ransomware-as-a-s |
FIN7 | Unspecified | 3 | FIN7, also known as Carbanak, is a Russian cybercrime group that has been active since mid-2015. The group primarily targets the restaurant, gambling, and hospitality industries in the U.S. to extract financial information for use in attacks or sale on cybercrime marketplaces. Recently, FIN7 has exp |
Bianlian | Unspecified | 3 | BianLian is a significant threat actor within the cybersecurity landscape, known for its malicious activities and cyber-attacks. The group has been particularly active in exploiting bugs in JetBrains TeamCity, a popular continuous integration and deployment system used by software development teams. |
Space Kook | Unspecified | 2 | Space Kook is a threat actor, or malicious entity, identified in the cybersecurity industry for its involvement in ransomware operations. Named after a villain from Scooby Doo, Space Kook was first linked to malicious activities by Halcyon's analysis, which showed connections to an initial access br |
Source Link | CreatedAt | Title | Preview |
---|---|---|---|
BankInfoSecurity | 4 days ago | Patch Alert Issued for Veeam Backup & Replication Software | |
InfoSecurity-magazine | 10 days ago | Active Ransomware Groups Surge by 56% in 2024 | |
InfoSecurity-magazine | 14 days ago | Published Vulnerabilities Surge by 43% | |
Securityaffairs | a month ago | SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 6 | |
Securityaffairs | a month ago | Security Affairs Malware Newsletter - Round 5 | |
DARKReading | 9 months ago | Feds Snarl ALPHV/BlackCat Ransomware Operation | |
Securityaffairs | 2 months ago | Security Affairs Malware Newsletter - Round 3 | |
Securityaffairs | 2 months ago | Security Affairs Malware Newsletter - Round 2 | |
Securityaffairs | 2 months ago | Security Affairs Malware Newsletter - Round 1 | |
Securityaffairs | 2 months ago | Operation Morpheus took down 593 Cobalt Strike servers used by threat actors | |
InfoSecurity-magazine | 2 months ago | Ransomware Attack Demands Reach a Staggering $5.2m in 2024 | |
Securityaffairs | 2 months ago | Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION | |
Securityaffairs | 3 months ago | Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION | |
Securityaffairs | 3 months ago | Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION | |
Securityaffairs | 3 months ago | A ransomware attack on Synnovis impacted several London hospitals | |
Securityaffairs | 4 months ago | Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION | |
Securityaffairs | 4 months ago | OmniVision disclosed a data breach after the 2023 Cactus ransomware attack | |
Securityaffairs | 4 months ago | Blackbasta group claims to have hacked Atlas, one of the largest US oil distributors | |
BankInfoSecurity | 4 months ago | Breach Roundup: Kimsuky Serves Linux Trojan |