ID | Votes | Profile Description |
---|---|---|
Commonmagic | 4 | CommonMagic is a malicious software framework that has been actively used since at least September 2021 to target government, agriculture, and transportation organizations located in the Donetsk, Lugansk, and Crimea regions. It was developed by an APT group linked to the Russo-Ukrainian conflict and |
Prikormka | 2 | Prikormka is a type of malware that was used in Operation Groundbait, a cyber threat campaign that took place between 2008 and 2016. The malware is typically deployed through a dropper contained within malicious email attachments and has 13 different components designed to harvest various types of d |
Bad Magic | 1 | Bad Magic, a malicious software (malware), was first reported by Kaspersky in March 2023. The malware is associated with a hacker group known as 'Bad Magic' or 'Red Stinger', which targets companies involved in the Russo-Ukrainian conflict. The group's modus operandi involves the use of a backdoor c |

ID | Type | Votes | Profile Description |
---|---|---|---|
Hwo7x8p | Unspecified | 1 | None |
BlackEnergy | Unspecified | 1 | BlackEnergy is a potent malware toolkit that has been utilized by criminal and Advanced Persistent Threat (APT) actors since 2007. Its destructive capabilities were notably demonstrated in Ukraine where it was used for cyber-espionage, compromising industrial control systems, and launching attacks a |

ID | Type | Votes | Profile Description |
---|---|---|---|
Cloudsorcerer | Unspecified | 3 | None |
Gamaredon | Unspecified | 1 | Gamaredon, a Russian Advanced Persistent Threat (APT) group, has been actively tracked since 2013 and is recognized as a significant threat actor in the cybersecurity landscape. Its primary target is Ukraine, against which it deploys an array of home-brewed malware through malicious documents. The E |

ID | Type | Votes | Profile Description |
---|---|---|---|
Cloudwizard Md5 | Unspecified | 1 | None |

Source | CreatedAt | Title |
---|---|---|
DARKReading | 18 days ago | 'CloudSorcerer' Leverages Cloud Services in Cyber-Espionage Campaign |
InfoSecurity-magazine | 19 days ago | New APT CloudSorcerer Malware Hits Russian Targets |
Securelist | 19 days ago | CloudSorcerer APT uses cloud services and GitHub as C2 |
CERT-EU | 6 months ago | Battling the Exploitation of Cloud Services in Global Conflicts |
CERT-EU | 8 months ago | Advanced threat predictions for 2024 – GIXtools |
Securelist | 8 months ago | Kaspersky Security Bulletin: APT predictions 2024 |
Securelist | a year ago | Operation Triangulation: iOS devices targeted with previously unknown malware |
CERT-EU | a year ago | APT trends report Q1 2023 |
CERT-EU | a year ago | APT trends report Q1 2023 - GIXtools |
CERT-EU | a year ago | Anomali Cyber Watch: CloudWizard Targets Both Sides in Ukraine, Camaro Dragon Trojanized TP-Link Firmware, RA Group Ransomware Copied Babuk |
CERT-EU | a year ago | IT threat evolution in Q2 2023 – GIXtools |
CERT-EU | a year ago | IT threat evolution Q2 2023 |
CERT-EU | a year ago | Bad Magic's Extended Reign in Cyber Espionage Goes Back Over a Decade |
CERT-EU | a year ago | CloudWizard APT: the bad magic story goes on - GIXtools |
InfoSecurity-magazine | a year ago | CommonMagic Malware Implants Linked to New CloudWizard Framework |
DARKReading | a year ago | CommonMagic APT Campaign Broadens Target Scope to Central and Western Ukraine |