| ID | Votes | Profile Description |
|---|---|---|
| Industroyer | 4 | Industroyer, also known as CrashOverride, is a potent malware specifically designed to target Industrial Control Systems (ICS) used in electrical substations. It first gained notoriety for its role in the 2016 cyberattack on Ukraine's power grid, which resulted in a six-hour blackout in Kyiv. The ma |
| Nikowiper | 3 | NikoWiper is a malicious software (malware) identified as a new data wiper attributed to Sandworm, a state-backed hacker group linked with Russia's Main Directorate of the General Staff of the Armed Forces (GRU). This malware, unique in its design compared to other strains, was used in an attack on |
| Unc3810 | 2 | UNC3810 is a malware identified and tracked by cybersecurity firm Mandiant, notorious for its deployment of CaddyWiper in October 2022. This malicious software is designed to exploit and damage computer systems, often infiltrating via suspicious downloads, emails, or websites. The threat actor, init |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| HermeticWiper | has used | 4 | HermeticWiper is a destructive malware that was first disclosed by cybersecurity researchers on February 23, 2022. This malicious software was deployed against organizations in Ukraine, with the intent of destroying computer systems and rendering them inoperable. The malware infiltrates systems thro |
| Industroyer2 | Unspecified | 4 | Industroyer2 is a sophisticated piece of malware designed to target Industrial Control Systems (ICS), developed and deployed by the Russian state-sponsored advanced persistent threat group, Sandworm. The group has been active since 2007 and used Industroyer2 in a significant attack against Ukraine's |
| WhisperGate | Unspecified | 4 | WhisperGate is a destructive malware, first identified by Microsoft in January 2022, that has been used to target Ukrainian organizations including government, non-profit, and IT entities. This malicious software operates as a wiper disguised as ransomware, causing significant damage to computer sys |
| Isaacwiper | Unspecified | 4 | IsaacWiper is a malicious software (malware) that has been identified as part of a series of cyberattacks against Ukraine in 2022. The malware is known to exploit and damage computer systems, often infiltrating them through suspicious downloads, emails, or websites. Once inside, IsaacWiper can disru |
| Foxblade | Unspecified | 2 | Foxblade, also known as HermeticWiper, is a form of malware designed to exploit and damage computer systems. It was first reported in attacks that took place on March 10th, 2022, as part of the Hermetic campaign. The campaign also saw the deployment of another malware called HermeticRansom (or Sonic |
| Prestige Ransomware | Unspecified | 2 | The Prestige ransomware is a type of malware that had not been observed by Microsoft prior to its deployment. It is a malicious software designed to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites. Once inside a system, it can steal personal |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Sandworm | has used | 8 | Sandworm, a Russia-linked threat actor group, has been implicated in a series of significant cyber-attacks targeting Ukraine's infrastructure. The group successfully compromised 11 Ukrainian telecommunication providers, demonstrating their extensive capabilities and the broad reach of their operatio |
| Cyberarmyofrussia_reborn | Unspecified | 2 | CyberArmyofRussia_Reborn is a threat actor with suspected links to the GRU, Russia's main intelligence agency. This group has been associated with several high-profile cyberattacks, including those on US and Polish water utilities and a French dam. The group uses its Telegram channel to leak stolen |
| Preview | Source Link | CreatedAt | Title |
|---|---|---|---|
| Securityaffairs | 5 months ago | Previously unknown Kapeka backdoor linked to Sandworm APT | |
| DARKReading | 6 months ago | Russian APT Releases More Deadly Variant of AcidRain Wiper Malware | |
| CERT-EU | 8 months ago | Analysis of OT cyberattacks and malwares | |
| Securityaffairs | 8 months ago | Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months | |
| BankInfoSecurity | 10 months ago | Ukraine Tracks a Record Number of Cyber Incidents During War | |
| CERT-EU | 10 months ago | Mandiant tackles destructive Sandworm cyber attack on Ukrainian infrastructure | |
| SecurityIntelligence.com | 10 months ago | CaddyWiper: Third Wiper Malware Targeting Ukrainian Organizations | |
| CERT-EU | 10 months ago | Sandworm, a Russian Threat Actor, Disrupted Power in Ukraine Via Cyberattack | |
| CERT-EU | 10 months ago | Russia’s Sandworm hackers behind power blackouts in Ukraine amid massive missile strikes | |
| CERT-EU | 10 months ago | How Living-off-the-land (LotL) technique is used to hack into power grids & cause power outages | |
| CERT-EU | 10 months ago | Ukraine's power grid targeted by Sandworm hackers last year | |
| CERT-EU | 10 months ago | Russian Hackers Sandworm Cause Power Outage in Ukraine Amidst Missile Strikes | |
| Securityaffairs | 10 months ago | Russian Sandworm disrupts power in Ukraine with a new OT attack | |
| CERT-EU | 10 months ago | Sandworm hackers incapacitated Ukrainian power grid amid missile strike - Help Net Security | |
| CERT-EU | 10 months ago | Russian hackers disrupted Ukrainian electrical grid last year | |
| CERT-EU | 10 months ago | Russia's Sandworm, not just missile strikes, behind blackout | |
| CERT-EU | 10 months ago | Russian hackers switch to LOTL technique to cause power outage | |
| InfoSecurity-magazine | 10 months ago | Russian APT Sandworm Disrupted Power in Ukraine Using OT Techniques | |
| CERT-EU | 10 months ago | New BiBi-Linux wiper malware targets Israeli orgs in destructive attacks | |
| BankInfoSecurity | a year ago | Ukrainian Telcos Targeted by Suspected Sandworm Hackers |