ID | Votes | Profile Description |
---|---|---|
BitPaymer | 3 | BitPaymer is a type of malware that operates as ransomware, encrypting files and demanding payment for their release. It was operated by the GOLD DRAKE threat group and was later reworked and renamed DoppelPaymer by the GOLD HERON threat group. As part of the Ransomware as a Service (RaaS) model tha |
Grief | 2 | Grief is malicious software, or malware, known for its ability to exploit and damage computer systems. It infiltrates unsuspecting users' devices through suspicious downloads, emails, or websites, often without their knowledge. Once inside a system, Grief can steal personal inform |
WastedLocker | 1 | WastedLocker is a type of malware developed by the Evil Corp Group, known for its malicious activities. This malware variant was first identified in 2020 and is part of an evolution of ransomware that began with Dridex, followed by DoppelPaymer developed in 2019, and then WastedLocker. The malware i |
ID | Type | Votes | Profile Description |
---|---|---|---|
Dridex | Unspecified | 3 | Dridex is a well-known malware, specifically a banking Trojan, that has been utilized by cybercriminals to exploit and damage computer systems. The malware infiltrates systems through dubious downloads, emails, or websites, often unbeknownst to the user, and can steal personal information, disrupt o |
Qbot | Unspecified | 2 | Qbot, also known as Qakbot or Pinkslipbot, is a modular information-stealing malware that emerged in 2007 as a banking trojan. Over the years, it has evolved into an advanced malware strain used by multiple cybercriminal groups to compromise networks and prepare them for ransomware attacks. The firs |
Emotet | Unspecified | 2 | Emotet is a highly dangerous and insidious malware that has resurfaced with increased activity this summer. Originally distributed via email attachments, it infiltrates systems often without the user's knowledge, forming botnets under the control of criminals for large-scale attacks. Once infected, |
ProLock | Unspecified | 1 | ProLock is a type of malware, specifically ransomware, that is designed to infiltrate computer systems, often unbeknownst to the user. It typically enters systems through suspicious downloads, emails, or websites. Once inside, ProLock can steal personal information, disrupt operations, and hold data |
Egregor | Unspecified | 1 | Egregor is a variant of the Sekhmet ransomware and operates as Ransomware-as-a-Service (RaaS). It emerged in 2020, suspected to be from former Maze affiliates. Known for its double extortion tactics, Egregor publicly shames its victims by leaking sensitive data if the ransom isn't paid. In one notab |
MegaCortex | Unspecified | 1 | MegaCortex is a type of malware known for its harmful effects on computer systems and devices. It was identified by Dragos, a cybersecurity firm, as having a relationship with another ransomware called EKANS. Both MegaCortex and EKANS have specific characteristics that pose unique risks to industria |
Clop | Unspecified | 1 | Clop is a notorious piece of malware, short for malicious software, known for its disruptive and damaging effects on computer systems. It primarily infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, Clop can steal personal information, disrupt o |
Azorult | Unspecified | 1 | Azorult is a type of malware, or malicious software, that infiltrates systems to exploit and damage them, often without the user's knowledge. It has historically been one of the favored infostealers sold on the marketplace 2easy, alongside RedLine, Raccoon, Vidar, and Taurus. However, as of late Feb |
Fakeupdates | Unspecified | 1 | FakeUpdates, also known as SocGholish, is a JavaScript-based loader malware that primarily targets Microsoft Windows-based environments. The malware has been in operation for over five years and uses compromised websites to trick users into running a fake browser update. In addition to its deceptive |
Hive | Unspecified | 1 | Hive is malicious software, or malware, that infiltrates systems to exploit and damage them. This malware has been associated with Volt Typhoon, who exfiltrated NTDS.dit and the SYSTEM registry hive to crack passwords offline. The Hive operation was primarily involved in port scanning, credential thef |
Nefilim | Unspecified | 1 | Nefilim is malware, specifically ransomware, that has been responsible for significant cyber threats globally. It infiltrates systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data hostage for ransom. Between 2019 and 2021, |
Ragnar Locker | Unspecified | 1 | Ragnar Locker is a type of malware, specifically ransomware, that has been designed to infiltrate computer systems, often without the user's knowledge. It can enter systems through suspicious downloads, emails, or websites and, once inside, it has the capability to steal personal information, disru |
REvil | Unspecified | 1 | REvil is a notorious form of malware, specifically ransomware, that infiltrates systems to disrupt operations and steal data. The ransomware operates on a Ransomware as a Service (RaaS) model, which gained traction in 2020. In this model, REvil, like other first-stage malware such as Dridex and Goot |
Netwalker | Unspecified | 1 | NetWalker is a highly profitable ransomware kit, known for its ability to disable antivirus software on Windows 10 systems and encrypt files, adding a random extension to the encrypted ones. Once executed, it disrupts operations and can even hold data hostage for ransom. It has been observed that Ne |
Conti | Unspecified | 1 | Conti is a type of malware, specifically ransomware, known for its ability to disrupt operations, steal personal information, and hold data hostage for ransom. The malicious software infiltrates systems via suspicious downloads, emails, or websites, often unbeknownst to the user. It has been used in |
ID | Type | Votes | Profile Description |
---|---|---|---|
Sodinokibi | Unspecified | 1 | Sodinokibi, also known as REvil, is a significant threat actor first identified in April 2019. This ransomware family operates as a Ransomware-as-a-Service (RaaS) and has been responsible for one in three ransomware incidents responded to by IBM Security X-Force in 2020. The Sodinokibi ransomware st |
Evil Corp | Unspecified | 1 | Evil Corp, a threat actor group based in Russia, has been identified as a significant cybercrime entity responsible for the execution of malicious actions. The alleged leader of this group is Maksim Yakubets, who is notably associated with Dridex malware operations. The U.S. Treasury imposed sanctio |
Source | CreatedAt | Title |
---|---|---|
CERT-EU | a year ago | 8 of the Biggest Ransomware Attacks in Recent History: A Look Back |
CERT-EU | 7 months ago | The law enforcement operations targeting cybercrime in 2023 |
CERT-EU | 7 months ago | Cybersecurity Year in Review 2023: A zero-day nightmare - National Cyber Security Consulting |
CERT-EU | 7 months ago | Cybersecurity Year in Review 2023: A zero-day nightmare - IT World Canada News |
CERT-EU | 7 months ago | AlphV/BlackCat allegedly calls for ransomware gang ‘cartel’ to stand up to police - IT World Canada News |
CERT-EU | 8 months ago | The shifting sands of the war against cyber extortion - Help Net Security |
CERT-EU | 9 months ago | Boeing Confirms Cyberattack Amid Lockbit Ransomware Gang Claims |
CERT-EU | a year ago | No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard. |
Naked Security | a year ago | S3 Ep125: When security hardware has security holes [Audio + Text] |
CERT-EU | a year ago | Ongoing Attacks: Over 600+ Citrix Servers Compromised to Install Web Shells |
CERT-EU | 10 months ago | Cyber Security Week in Review: September 29, 2023 |
CERT-EU | 10 months ago | ShadowSyndicate: A New Cybercrime Group Linked to 7 Ransomware Families |
CERT-EU | 10 months ago | Update: The 2023 Malware League Table |
CERT-EU | 10 months ago | DoppelPaymer ransomware group suspects identified - Cyber Security Review |
Malwarebytes | 10 months ago | DoppelPaymer ransomware group suspects identified |
CERT-EU | 10 months ago | August 2023's Most Wanted Malware : New ChromeLoader Campaign Spreads Malicious Browser Extensions while QBot is Shut Down by FBI – Global Security Mag Online |
CERT-EU | a year ago | North Korean hackers used polished LinkedIn profiles to target security researchers |
Securityaffairs | a year ago | New QBot campaign delivered hijacking business correspondence |
CERT-EU | a year ago | 80+ Africa Cybersecurity Statistics and Trends (2023) |