ID | Votes | Profile Description |
---|---|---|
Cloudwizard | 4 | CloudWizard is a sophisticated malware discovered in May 2023, allegedly developed by an unidentified threat actor based in Ukraine. This malicious software has been linked to a broader set of cyber-attacks across the country, marking an evolution from its predecessors by exploiting well-known cloud |
Powermagic | 4 | PowerMagic is a sophisticated malware, also known as DBoxShell, that has been linked to a series of advanced persistent threat (APT) activities. This malicious software was identified by Kaspersky researchers who traced its connections to previous APT activities such as Operation Groundbait, the Pri |
Prikormka | 2 | Prikormka is a type of malware that was used in Operation Groundbait, a cyber threat campaign that took place between 2008 and 2016. The malware is typically deployed through a dropper contained within malicious email attachments and has 13 different components designed to harvest various types of d |
Bad Magic | 1 | Bad Magic, a malicious software (malware), was first reported by Kaspersky in March 2023. The malware is associated with a hacker group known as 'Bad Magic' or 'Red Stinger', which targets companies involved in the Russo-Ukrainian conflict. The group's modus operandi involves the use of a backdoor c |
Dboxshell | 1 | DboxShell is a type of malware that uses cloud storage services as a command and control (C&C) mechanism. It is also known as PowerMagic by Kaspersky. This malicious software infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can dis |
Graphshell | 1 | GraphShell is a malicious software (malware) that has been used in cyber-attacks to exploit and damage computer systems. It was first reported in March 2023 by the cybersecurity firm Bad Magic, which documented its use in attacks targeting Russian-occupied territories of Ukraine. The malware, also k |
Hwo7x8p | 1 | None |
ID | Type | Votes | Profile Description |
---|---|---|---|
No associations to display |
Source | CreatedAt | Title |
---|---|---|
Securelist | 19 days ago | CloudSorcerer APT uses cloud services and GitHub as C2 |
CERT-EU | 6 months ago | Battling the Exploitation of Cloud Services in Global Conflicts |
CERT-EU | a year ago | CloudWizard APT: the bad magic story goes on - GIXtools |
CERT-EU | a year ago | A Decade of ‘Bad Magic’ In Cyber Espionage |
CERT-EU | a year ago | Linux SSH servers targeted by novel ShellBot malware variants |
CERT-EU | a year ago | APT trends report Q1 2023 |
CERT-EU | a year ago | APT trends report Q1 2023 - GIXtools |
CERT-EU | a year ago | Bad Magic's Extended Reign in Cyber Espionage Goes Back Over a Decade |
CERT-EU | a year ago | Anomali Cyber Watch: CloudWizard Targets Both Sides in Ukraine, Camaro Dragon Trojanized TP-Link Firmware, RA Group Ransomware Copied Babuk |
CERT-EU | a year ago | IT threat evolution in Q2 2023 – GIXtools |
CERT-EU | a year ago | IT threat evolution Q2 2023 |
CERT-EU | a year ago | Unknown actors target orgs in Russia-occupied Ukraine |
Securityaffairs | a year ago | New Bad Magic APT used CommonMagic framework in the area of Russo-Ukrainian conflict |
InfoSecurity-magazine | a year ago | CommonMagic Targets Entities in Russo-Ukrainian Conflict Zone |
CERT-EU | a year ago | Ukraine targeted by novel malware attacks |
InfoSecurity-magazine | a year ago | CommonMagic Malware Implants Linked to New CloudWizard Framework |
DARKReading | a year ago | CommonMagic APT Campaign Broadens Target Scope to Central and Western Ukraine |