Alias Description | Votes |
---|---|
Blackmatter is a possible alias for DarkSide. BlackMatter, a threat actor in the cybersecurity realm, is known for its malicious activities and has been linked to several ransomware strains. The group emerged as a successor to the DarkSide ransomware, which was responsible for the high-profile attack on the Colonial Pipeline in May 2021. Howeve | 9 |
Alphv is a possible alias for DarkSide. Alphv, also known as BlackCat, is a threat actor group that has been linked to numerous cyberattacks, particularly targeting the healthcare sector. The group made headlines when it stole 5TB of data from Morrison Community Hospital, causing significant disruption and raising concerns about patient p | 7 |
Alias Description | Association Type | Votes |
---|---|---|
The REvil Malware is associated with DarkSide. REvil, also known as Sodinokibi, is a malicious software (malware) that operates on a Ransomware as a Service (RaaS) model. This model became increasingly popular in 2020, with first-stage malware like Dridex and Gootkit being linked to ransomware attacks such as BitPaymer and REvil respectively. Th | is related to | 9 |
The Lockbit Malware is associated with DarkSide. LockBit is a prominent ransomware-as-a-service (RaaS) malware that has been involved in numerous cyberattacks, demonstrating its staying power and adaptability. The malware, which can infiltrate systems through suspicious downloads, emails, or websites, is designed to exploit and damage computers or | Unspecified | 6 |
The Avaddon Malware is associated with DarkSide. Avaddon is a type of malware, specifically ransomware, designed to exploit and damage computer systems. It was notable for its compatibility with older systems such as Windows XP and Windows 2003, distinguishing it from other ransomware like Darkside and Babuk which targeted more modern systems like | Unspecified | 5 |
The Maze Malware is associated with DarkSide. Maze is a form of malicious software, or malware, that pioneered a novel double-extortion tactic in the cyber threat landscape. Its modus operandi involves stealing victims' files before encrypting them, thereby enabling the threat actors to threaten both the disruption of operations and the release | Unspecified | 5 |
The Conti Malware is associated with DarkSide. Conti is a type of malware, specifically ransomware, which is designed to infiltrate and damage computer systems. This malicious software can enter systems through various methods such as suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal persona | Unspecified | 4 |
The Babuk Malware is associated with DarkSide. Babuk is a form of malware, specifically ransomware, that infiltrates computer systems and encrypts files, rendering them inaccessible to the user. It typically infects systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can disrupt operatio | Unspecified | 4 |
The Clop Malware is associated with DarkSide. Clop, a malicious software (malware), is linked to a Russian-speaking cybercriminal group also known as Cl0p. It is designed to exploit and damage computer systems by stealing personal information, disrupting operations, or holding data hostage for ransom. In May 2023, the Clop group began exploitin | Unspecified | 3 |
The Hive Malware is associated with DarkSide. Hive is a form of malware, specifically ransomware, designed to exploit and damage computer systems. It infiltrates systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, Hive can steal personal information, disrupt operations, or hold data hostag | Unspecified | 3 |
The Ragnar Locker Malware is associated with DarkSide. Ragnar Locker is a type of malware, specifically ransomware, known for its destructive impact on computer systems. It infiltrates systems primarily through suspicious downloads, emails, or websites, and once inside, it can steal personal information, disrupt operations, or hold data hostage for rans | Unspecified | 3 |
The Ryuk Malware is associated with DarkSide. Ryuk is a type of malware known as ransomware, which has been utilized by the threat group ITG23 for several years. This group has been notorious for crypting their malware, with crypters seen in use with other malware such as Trickbot, Emotet, Cobalt Strike, and Ryuk. In 2019, most ransomware inves | Unspecified | 3 |
The Trigona Malware is associated with DarkSide. Trigona was a significant strain of ransomware that emerged in 2022, known for its harmful effects on computer systems. The malware infiltrated systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it could steal personal information, disrupt ope | Unspecified | 2 |
The Maze Ransomware Malware is associated with DarkSide. Maze ransomware is a type of malware that emerged in 2019, employing a double extortion tactic to wreak havoc on its victims. This malicious software infiltrates systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data hostage for | Unspecified | 2 |
The Cheerscrypt Malware is associated with DarkSide. Cheerscrypt is a malicious software (malware) that was discovered in May 2022, specifically designed to target ESXi servers, which are extensively used by enterprises for server virtualization. This discovery was made following the reporting of DarkSide ransomware variants in May 2021. Cheerscrypt, | Unspecified | 2 |
The Lockbit Black Malware is associated with DarkSide. LockBit Black, also known as LockBit 3.0, is a malicious software that emerged in early 2022 following the release of its predecessor, LockBit 2.0 (or LockBit Red) in mid-2021. The malware has been developed to exploit and damage computer systems by encrypting files, often leading to ransom demands | Unspecified | 2 |
The Bablock Malware is associated with DarkSide. BabLock, also known as Rorschach, is a type of malware that operates as ransomware. First identified by Check Point Research in April 2023, this harmful software infiltrates computer systems and devices, often without the user's knowledge, with the aim to exploit, damage, and potentially hold data h | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The FIN7 Threat Actor is associated with DarkSide. FIN7, also known as Carbanak, Carbon Spider, Cobalt Group, and Navigator Group, is a notorious cybercrime group that has been active since 2012. The group is recognized for its advanced combination of malware and social engineering tactics, having executed numerous successful attacks against global | Unspecified | 4 |
The Sodinokibi Threat Actor is associated with DarkSide. Sodinokibi, also known as REvil, is a highly active and impactful threat actor first identified in April 2019. Operating as a ransomware-as-a-service (RaaS), this group has been responsible for a significant proportion of global ransomware incidents. In 2020, Sodinokibi ransomware attacks accounted | Unspecified | 3 |
The LockBitSupp Threat Actor is associated with DarkSide. LockBitSupp, a prominent threat actor, has been identified as Russian national Dmitry Yuryevich Khoroshev. The group's activities have been under scrutiny due to its involvement in ransomware attacks and other cybercrimes. Khoroshev, who was operating under the aliases "LockBit" and "LockBitSupp," i | Unspecified | 2 |
The Sangria Tempest Threat Actor is associated with DarkSide. Sangria Tempest, also known as Carbon Spider, Elbrus, and FIN7, is a threat actor that has been active since 2013. In mid-November 2023, Microsoft observed Sangria Tempest using Storm-1113's EugenLoader delivered through malicious MSIX package installations. The group frequently targets the restaura | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The vulnerability CVE-2021-20016 is associated with DarkSide. | Unspecified | 2 |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
BankInfoSecurity | 3 months ago | ||
Securityaffairs | 4 months ago | ||
BankInfoSecurity | 4 months ago | ||
DARKReading | 5 months ago | ||
BankInfoSecurity | 6 months ago | ||
Quick Heal Technologies Ltd. | 6 months ago | ||
BankInfoSecurity | 8 months ago | ||
CERT-EU | 9 months ago | ||
CERT-EU | 9 months ago | ||
CERT-EU | 9 months ago | ||
BankInfoSecurity | 9 months ago | ||
CERT-EU | 9 months ago | ||
CERT-EU | 9 months ago | ||
CERT-EU | 9 months ago | ||
CERT-EU | 9 months ago | ||
CERT-EU | 10 months ago | ||
CERT-EU | 10 months ago | ||
CERT-EU | 10 months ago | ||
CERT-EU | 10 months ago | ||
InfoSecurity-magazine | 10 months ago |