Calypso

Threat Actor Profile Updated 13 days ago
Calypso is a notable threat actor in the cybersecurity landscape, known for executing actions with malicious intent. The group has been involved in various cyber-attacks worldwide, targeting governmental entities and private companies across different regions.

On February 28, 2021, vulnerabilities were observed being exploited by several threat actors, including Calypso, Tick, LuckyMouse, and the Winnti Group. These groups were likely using recent Microsoft Exchange vulnerabilities to compromise email servers globally. On March 1, 2021, Calypso compromised the email servers of governmental entities in the Middle East and South America. This indicates that the group had access to the exploit as a zero-day vulnerability, similar to LuckyMouse and Tick. In the days following this breach, Calypso operators targeted additional servers belonging to governmental entities and private companies in Africa, Asia, and Europe, utilizing the same exploit.

Calypso uses command-and-control (C&C) servers like rawfuns[.]com and yolkish[.]com, and employs loaders such as EB8D39CE08B32A07B7D847F6C29F4471CD8264F2 (Win32/Korplug.RU), 30DD3076EC9ABB13C15053234C436406B88FB2B9 (Win32/Korplug.RT), and 4F0EA31A363CFE0D2BBB4A0B4C5D558A87D8683E (Win32/Agent.ACUS) for Win32/Agent.UFX and Win32/Korplug.ED.

The Berryville Institute of Machine Learning (BIML) recently attended Calypso AI’s Accelerate AI 2023 conference in Washington, DC, indicating the growing attention towards understanding and mitigating threats posed by such actors.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID | Votes | Profile Description
Winnti Group | 3 | The Winnti Group, a collective of several Chinese Advanced Persistent Threat (APT) groups including APT41, is renowned for its malicious cyber activities. First gaining notoriety for its attacks on computer game developers, the group has since been linked to high-level cyber espionage conducted by t
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
ID | Type | Votes | Profile Description
No associations to display
Associated Threat Actors
ID | Type | Votes | Profile Description
LuckyMouse | Unspecified | 2 | LuckyMouse, also known as Budworm, Emissary Panda, and APT27, is a threat actor that has been involved in several high-profile cyber-espionage activities. The group has demonstrated its ability to develop and deploy advanced cyber tools, targeting various operating systems including MacOS, Linux, an
Associated Vulnerabilities
ID | Type | Votes | Profile Description
No associations to display
Source Document References
Information about the Calypso Threat Actor was read from the documents corpus below.
Source | Created At | Title
MITRE | a year ago | Exchange servers under siege from at least 10 APT groups | WeLiveSecurity
DARKReading | 4 months ago | Startups Scramble to Build Immediate AI Security
CERT-EU | 6 months ago | IriusRisk Hosts Fireside Chat with Artificial Intelligence & Machine Learning Industry Leaders
SecurityIntelligence.com | 6 months ago | X-Force Research Update: Top 10 Cybersecurity Vulnerabilities of 2021
CERT-EU | a year ago | Matthieu Faou | WeLiveSecurity
CERT-EU | 2 months ago | Europe is trying to regulate AI. That could backfire.
CERT-EU | 6 months ago | Connect the Dots on State-Sponsored Cyber Incidents - Targeting of Afghan telecommunication firm Roshan
DARKReading | a year ago | Tech Insight: Dangers of Using Large Language Models Before They Are Baked