Alias Description | Votes |
---|---|
BlackMatter is a possible alias for DarkSide. BlackMatter is a recognized threat actor in the cybersecurity industry, notorious for its malicious activities and the execution of ransomware attacks. The group initially operated as DarkSide, responsible for the high-profile Colonial Pipeline attack in May 2021, which led to significant attention | 9 |
AlphV is a possible alias for DarkSide. AlphV, also known as BlackCat, is a notable threat actor that has been operational since November 2021. This group has pioneered the public leaks business model in the realm of ransomware attacks and has been associated with significant cybercrimes. It is particularly infamous for its attack on Morr | 7 |
Alias Description | Association Type | Votes |
---|---|---|
The REvil Malware is associated with DarkSide. REvil is a notorious malware, specifically ransomware, which infiltrates computer systems through suspicious downloads, emails, or websites. It then exploits and damages the compromised system, often stealing personal information, disrupting operations, or holding data hostage for ransom. As part of | is related to | 9 |
The LockBit Malware is associated with DarkSide. LockBit is a notorious malware that has been involved in several high-profile ransomware incidents, including attacks on Boeing, London Drugs, Ontario hospitals, and Accenture. The malicious software infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user | Unspecified | 6 |
The Avaddon Malware is associated with DarkSide. Avaddon is a type of malware, specifically ransomware, designed to exploit and damage computer systems. It was notable for its compatibility with older systems such as Windows XP and Windows 2003, distinguishing it from other ransomware like DarkSide and Babuk which targeted more modern systems like | Unspecified | 5 |
The Maze Malware is associated with DarkSide. Maze is a type of malware, specifically ransomware, that gained notoriety in 2019 for its double extortion tactic. This malicious software infects systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data hostage for ransom. Maze w | Unspecified | 5 |
The Conti Malware is associated with DarkSide. Conti is a type of malware, specifically ransomware, that infiltrates computer systems to exploit and damage them. It was commonly used in cyberattacks by ITG23, a cybercriminal group which also used other malware like Trickbot and BazarLoader. The Conti ransomware was known for its sophisticated | Unspecified | 4 |
The Babuk Malware is associated with DarkSide. Babuk is a type of malware, specifically ransomware, that infiltrates systems to encrypt files and hold them for ransom. This malicious software can infect your system through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can disrupt operations by enc | Unspecified | 4 |
The Hive Malware is associated with DarkSide. Hive is malicious software (malware) known for its ransomware capabilities, which has been highly active in numerous countries, including the US. This malware infects systems often through suspicious downloads, emails, or websites, disrupting operations and stealing personal information. Notably, | Unspecified | 3 |
The Ragnar Locker Malware is associated with DarkSide. Ragnar Locker is a type of malware, specifically ransomware, known for its destructive impact on computer systems. It infiltrates systems primarily through suspicious downloads, emails, or websites, and once inside, it can steal personal information, disrupt operations, or hold data hostage for rans | Unspecified | 3 |
The Ryuk Malware is associated with DarkSide. Ryuk is a type of malware known as ransomware, which has been utilized by the threat group ITG23 for several years. This group has been notorious for crypting their malware, with crypters seen in use with other malware such as Trickbot, Emotet, Cobalt Strike, and Ryuk. In 2019, most ransomware inves | Unspecified | 3 |
The Trigona Malware is associated with DarkSide. Trigona was a significant strain of ransomware that emerged in 2022, known for its harmful effects on computer systems. The malware infiltrated systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it could steal personal information, disrupt ope | Unspecified | 2 |
The REvil/Sodinokibi Malware is associated with DarkSide. REvil/Sodinokibi is a type of malware, specifically ransomware, first identified on September 24, 2019. This malicious software is designed to infiltrate systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside a system, it can steal personal information, | Unspecified | 2 |
The Maze Ransomware Malware is associated with DarkSide. Maze ransomware is a type of malware that emerged in 2019, employing a double extortion tactic to wreak havoc on its victims. This malicious software infiltrates systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data hostage for | Unspecified | 2 |
The Cheerscrypt Malware is associated with DarkSide. Cheerscrypt is malicious software (malware) that was discovered in May 2022, specifically designed to target ESXi servers, which are extensively used by enterprises for server virtualization. This discovery was made following the reporting of DarkSide ransomware variants in May 2021. Cheerscrypt, | Unspecified | 2 |
The LockBit Black Malware is associated with DarkSide. LockBit Black, also known as LockBit 3.0, is malicious software that emerged in early 2022 following the release of its predecessor, LockBit 2.0 (or LockBit Red) in mid-2021. The malware has been developed to exploit and damage computer systems by encrypting files, often leading to ransom demands | Unspecified | 2 |
The BabLock Malware is associated with DarkSide. BabLock, also known as Rorschach, is a type of malware that operates as ransomware. First identified by Check Point Research in April 2023, this harmful software infiltrates computer systems and devices, often without the user's knowledge, with the aim to exploit, damage, and potentially hold data h | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The FIN7 Threat Actor is associated with DarkSide. FIN7, also known as Carbanak, is a Russian cybercrime group that has been active since mid-2015. They are known for their malicious activities primarily targeting the restaurant, gambling, and hospitality industries in the United States to harvest financial information which is then used in attacks | Unspecified | 4 |
The Sodinokibi Threat Actor is associated with DarkSide. Sodinokibi, also known as REvil, is a significant threat actor first identified in April 2019. This ransomware family operates as a Ransomware-as-a-Service (RaaS) and has been responsible for one in three ransomware incidents responded to by IBM Security X-Force in 2020. The Sodinokibi ransomware st | Unspecified | 3 |
The LockBitSupp Threat Actor is associated with DarkSide. LockBitSupp, also known as Dmitry Yuryevich Khoroshev, is a Russian national who has been identified as the leader and key developer behind the prolific ransomware variant, LockBit. From as early as September 2019 through to 2024, Khoroshev was involved in recruiting new affiliate members, speaking | Unspecified | 2 |
The Sangria Tempest Threat Actor is associated with DarkSide. Sangria Tempest, also known as Carbon Spider, Elbrus, and FIN7, is a threat actor that has been active since 2013. In mid-November 2023, Microsoft observed Sangria Tempest using Storm-1113's EugenLoader delivered through malicious MSIX package installations. The group frequently targets the restaura | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The vulnerability CVE-2021-20016 is associated with DarkSide. | Unspecified | 2 |
Source | CreatedAt |
---|---|
BankInfoSecurity | 7 days ago |
Securityaffairs | 2 months ago |
BankInfoSecurity | 2 months ago |
DARKReading | 3 months ago |
BankInfoSecurity | 3 months ago |
Quick Heal Technologies Ltd. | 4 months ago |
BankInfoSecurity | 6 months ago |
CERT-EU | 7 months ago |
CERT-EU | 7 months ago |
CERT-EU | 7 months ago |
BankInfoSecurity | 7 months ago |
CERT-EU | 7 months ago |
CERT-EU | 7 months ago |
CERT-EU | 7 months ago |
CERT-EU | 7 months ago |
CERT-EU | 7 months ago |
CERT-EU | 7 months ago |
CERT-EU | 7 months ago |
CERT-EU | 7 months ago |
InfoSecurity-magazine | 7 months ago |