ID | Votes | Profile Description |
---|---|---|
Industroyer | 4 | Industroyer, also known as CrashOverride, is a potent malware specifically designed to target Industrial Control Systems (ICS) used in electrical substations. It first gained notoriety for its role in the 2016 cyberattack on Ukraine's power grid, which resulted in a six-hour blackout in Kyiv. The ma |
Nikowiper | 3 | NikoWiper is a malicious software (malware) identified as a new data wiper attributed to Sandworm, a state-backed hacker group linked with Russia's Main Directorate of the General Staff of the Armed Forces (GRU). This malware, unique in its design compared to other strains, was used in an attack on |
Unc3810 | 2 | UNC3810 is a malware identified and tracked by cybersecurity firm Mandiant, notorious for its deployment of CaddyWiper in October 2022. This malicious software is designed to exploit and damage computer systems, often infiltrating via suspicious downloads, emails, or websites. The threat actor, init |

ID | Type | Votes | Profile Description |
---|---|---|---|
Industroyer2 | Unspecified | 4 | Industroyer2 is a sophisticated piece of malware designed to target Industrial Control Systems (ICS), developed and deployed by the Russian state-sponsored advanced persistent threat group, Sandworm. The group has been active since 2007 and used Industroyer2 in a significant attack against Ukraine's |
HermeticWiper | has used | 4 | HermeticWiper is a destructive malware that was first disclosed by cybersecurity researchers on February 23, 2022. This malicious software was deployed against organizations in Ukraine, with the intent of destroying computer systems and rendering them inoperable. The malware infiltrates systems thro |
WhisperGate | Unspecified | 4 | WhisperGate is a type of malware, specifically a wiper, that was used extensively in cyberattacks against Ukrainian organizations throughout 2022. It was one of several malicious software tools deployed by Russian Advanced Persistent Threat (APT) actors, alongside others such as AwfulShred, CaddyWip |
Isaacwiper | Unspecified | 4 | IsaacWiper is a malicious software (malware) that has been identified as part of a series of cyberattacks against Ukraine in 2022. The malware is known to exploit and damage computer systems, often infiltrating them through suspicious downloads, emails, or websites. Once inside, IsaacWiper can disru |
Foxblade | Unspecified | 2 | Foxblade, also known as HermeticWiper, is a form of malware designed to exploit and damage computer systems. It was first reported in attacks that took place on March 10th, 2022, as part of the Hermetic campaign. The campaign also saw the deployment of another malware called HermeticRansom (or Sonic |
Prestige Ransomware | Unspecified | 2 | The Prestige ransomware is a type of malware that had not been observed by Microsoft prior to its deployment. It is a malicious software designed to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites. Once inside a system, it can steal personal |
Doublezero | Unspecified | 1 | DoubleZero is a form of malware, specifically classified as a "wiper," that was discovered by CERT-UA on March 17th, 2022. Like other malicious software, it can infiltrate systems through suspicious downloads, emails, or websites, often without the user's knowledge. Unlike most malware, however, Dou |
Whisperkill | Unspecified | 1 | None |
Acidrain | Unspecified | 1 | AcidRain is a malicious software, or malware, that was first described in March, following a cyberattack that disrupted approximately 10,000 satellite modems associated with communications provider Viasat's KA-SAT network. The malware was discovered by cybersecurity firm SentinelOne in February 2022 |
Prestige | Unspecified | 1 | Prestige is a type of malware attributed to the Russia-linked Advanced Persistent Threat (APT) group, Sandworm. This malicious software was used in ransomware attacks against Ukrainian and Polish logistics companies in October 2022. The deployment of Prestige coincided with reported instances of ran |
Acidpour | Unspecified | 1 | AcidPour is a newly identified malware that has been specifically designed to target Linux x86 devices. As a wiper, AcidPour's primary function is to erase data from the infected device, leading to significant disruptions in operations and potential loss of valuable information. The malware infiltra |
HermeticWizard | Unspecified | 1 | HermeticWizard is a malicious software (malware) that emerged as part of a series of cyber-attacks against Ukraine since January 2022. The malware operates alongside other destructive programs such as HermeticWiper, IsaacWiper, and CaddyWiper, with additional Indicators of Compromise (IOCs) for Whis |

ID | Type | Votes | Profile Description |
---|---|---|---|
Sandworm | has used | 8 | Sandworm, a threat actor linked to Russia, has been implicated in numerous high-profile cyber attacks. This group's activities have primarily targeted Ukraine, compromising the country's critical infrastructure and telecommunications providers. The Sandworm group is known for its fileless attack met |
Cyberarmyofrussia_reborn | Unspecified | 2 | CyberArmyofRussia_Reborn is a threat actor with suspected links to the GRU, Russia's main intelligence agency. This group has been associated with several high-profile cyberattacks, including those on US and Polish water utilities and a French dam. The group uses its Telegram channel to leak stolen |

Source | CreatedAt | Title |
---|---|---|
Securityaffairs | 3 months ago | Previously unknown Kapeka backdoor linked to Sandworm APT |
DARKReading | 4 months ago | Russian APT Releases More Deadly Variant of AcidRain Wiper Malware |
CERT-EU | 7 months ago | Analysis of OT cyberattacks and malwares |
Securityaffairs | 7 months ago | Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months |
BankInfoSecurity | 8 months ago | Ukraine Tracks a Record Number of Cyber Incidents During War |
CERT-EU | 8 months ago | Mandiant tackles destructive Sandworm cyber attack on Ukrainian infrastructure |
SecurityIntelligence.com | 8 months ago | CaddyWiper: Third Wiper Malware Targeting Ukrainian Organizations |
CERT-EU | 8 months ago | Sandworm, a Russian Threat Actor, Disrupted Power in Ukraine Via Cyberattack |
CERT-EU | 8 months ago | Russia’s Sandworm hackers behind power blackouts in Ukraine amid massive missile strikes |
CERT-EU | 9 months ago | How Living-off-the-land (LotL) technique is used to hack into power grids & cause power outages |
CERT-EU | 9 months ago | Ukraine's power grid targeted by Sandworm hackers last year |
CERT-EU | 9 months ago | Russian Hackers Sandworm Cause Power Outage in Ukraine Amidst Missile Strikes |
Securityaffairs | 9 months ago | Russian Sandworm disrupts power in Ukraine with a new OT attack |
CERT-EU | 9 months ago | Sandworm hackers incapacitated Ukrainian power grid amid missile strike - Help Net Security |
CERT-EU | 9 months ago | Russian hackers disrupted Ukrainian electrical grid last year |
CERT-EU | 9 months ago | Russia's Sandworm, not just missile strikes, behind blackout |
CERT-EU | 9 months ago | Russian hackers switch to LOTL technique to cause power outage |
InfoSecurity-magazine | 9 months ago | Russian APT Sandworm Disrupted Power in Ukraine Using OT Techniques |
CERT-EU | 9 months ago | New BiBi-Linux wiper malware targets Israeli orgs in destructive attacks |
BankInfoSecurity | 9 months ago | Ukrainian Telcos Targeted by Suspected Sandworm Hackers |