| ID | Votes | Profile Description |
|---|---|---|
| Gandcrab | 2 | GandCrab, a threat actor, is known for its malicious activities involving ransomware attacks. Originating from Russian origins and evolving from Team Truniger, a former GandCrab affiliate, the group has been linked to numerous ransomware variants including Bad Rabbit, LockBit 2.0, STOP/DJVU, and REv |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Emotet | Unspecified | 6 | Emotet is a highly dangerous and insidious type of malware that has been active, particularly during recent summers. It is distributed primarily through documents attached to emails, using conversations found in compromised accounts. Once an unsuspecting user clicks either the enable button or an im |
| IcedID | Unspecified | 4 | IcedID is a malicious software (malware) that has been linked to various cybercrime operations. The malware can infiltrate systems via suspicious downloads, emails, or websites and proceed to steal personal information, disrupt operations, or hold data for ransom. IcedID has been associated with oth |
| QakBot | Unspecified | 3 | Qakbot is a type of malware that has been linked to various cybercriminal activities, with its presence first observed as early as 2020. It gained notoriety for its role in the operations of the Black Basta ransomware group, which used Qakbot extensively in sophisticated phishing campaigns. The malw |
| BitPaymer | Unspecified | 3 | BitPaymer is a type of malware that operates as ransomware, encrypting files and demanding payment for their release. It was operated by the GOLD DRAKE threat group and was later reworked and renamed DoppelPaymer by the GOLD HERON threat group. As part of the Ransomware as a Service (RaaS) model tha |
| TrickBot | Unspecified | 3 | TrickBot is a notorious malware that has been used extensively by cybercriminals to exploit and damage computer systems. It operates as a crimeware-as-a-service platform, infecting systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can stea |
| Doppelpaymer | Unspecified | 3 | DoppelPaymer is a form of malware, specifically ransomware, known for its high-profile attacks on large organizations and municipalities. Originally based on the BitPaymer ransomware, DoppelPaymer was reworked and renamed by the threat group GOLD HERON, after initially being operated by GOLD DRAKE. |
| Gameover Zeus | Unspecified | 2 | Gameover ZeuS, also known as P2P ZeuS, is a notorious piece of malware designed to exploit and damage computer systems. It infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can steal personal information, disrupt operations, or even |
| Zeus | Unspecified | 2 | Zeus is a notorious form of malware, or malicious software, designed to exploit and damage computer systems. It infiltrates devices often without the user's knowledge via suspicious downloads, emails, or websites. Once embedded within a system, Zeus can steal personal information, disrupt operations |
| Raccoon | Unspecified | 2 | Raccoon is a type of malware, specifically an infostealer, used predominantly by the Scattered Spider threat actors to obtain login credentials, browser cookies, and histories. This malicious software, which is sold as Malware-as-a-Service (MaaS) on dark web forums, is both effective and inexpensive |
| Ursnif | Unspecified | 2 | Ursnif, also known as Gozi or ISFB, is a type of malware that poses significant threats to computer systems and user data. It's often distributed through suspicious downloads, emails, or websites, infiltrating systems without the user's knowledge. Once installed, Ursnif can steal personal informatio |
| Gozi | Unspecified | 2 | Gozi is a notorious malware that has been linked to numerous cyber attacks. It's typically delivered through sophisticated malvertising techniques, often used in conjunction with other initial access malware such as Pikabot botnet agent and IcedID information stealer. When an individual accesses a c |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| TA505 | Unspecified | 4 | TA505, also known as Cl0p Ransomware Gang and Lace Tempest, is a highly active and sophisticated cybercriminal group. The group has been associated with various high-profile cyber-attacks, demonstrating adaptability through a multi-vector approach to their operations. In June 2023, the U.S. Cybersec |
| fin11 | Unspecified | 2 | FIN11, a threat actor group also known as Lace Tempest or TA505, has been linked to the development and deployment of Cl0p ransomware. This malicious software is believed to be a variant of another ransomware, CryptoMix, and is typically used by FIN11 to encrypt files on a victim's network after ste |
| Evil Corp | Unspecified | 2 | Evil Corp, a threat actor group based in Russia, has been identified as a significant cybercrime entity responsible for the execution of malicious actions. The alleged leader of this group is Maksim Yakubets, who is notably associated with Dridex malware operations. The U.S. Treasury imposed sanctio |
| Indrik Spider | Unspecified | 2 | Indrik Spider is a notable threat actor known for its cybercriminal activities, particularly in the realm of ransomware. In July 2017, the group entered the targeted ransomware sphere with BitPaymer, using file-sharing platforms to distribute the BitPaymer decryptor. This shift in operations saw Ind |
| Preview | Source Link | CreatedAt | Title |
|---|---|---|---|
| Unit42 | 6 months ago | Intruders in the Library: Exploring DLL Hijacking | |
| Checkpoint | 7 months ago | Maldocs of Word and Excel: Vigor of the Ages - Check Point Research | |
| CERT-EU | 8 months ago | One paid out, one did not • The Register | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting | |
| CERT-EU | 9 months ago | Log4Shell: A Persistent Threat to Cybersecurity - Two Years On - Cybersecurity Insiders | |
| CERT-EU | 10 months ago | Are DarkGate and PikaBot the new QakBot? | |
| CERT-EU | 10 months ago | Latest RAT attack surge bypasses Microsoft's XLL block | |
| CERT-EU | 10 months ago | DG NCA Graeme Biggar delivers RUSI's 4th Annual Security Lecture | |
| MITRE | 2 years ago | Tricks of the Trade: A Deeper Look Into TrickBot's Machinations | |
| CERT-EU | a year ago | Update: The 2023 Malware League Table | |
| CERT-EU | a year ago | Insider Threat Awareness Month: Protecting Your Business from Within | |
| CERT-EU | a year ago | Storm-0324 Exploits MS Teams Chats to Facilitate Ransomware Attacks | |
| CERT-EU | a year ago | Microsoft Warns of New Phishing Campaign Targeting Corporations via Teams Messages | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting | |
| CERT-EU | a year ago | August 2023's Most Wanted Malware : New ChromeLoader Campaign Spreads Malicious Browser Extensions while QBot is Shut Down by FBI – Global Security Mag Online | |
| CERT-EU | a year ago | Three malware loaders behind 80% of intrusions, researchers find | |
| CERT-EU | a year ago | Cybersecurity Companies Report Surge in Ransomware Attacks | |
| CERT-EU | a year ago | Eight ways to guard against botnet attacks on enterprise networks | |
| CERT-EU | a year ago | Patch Against Exploit Kits. Understanding How Threat Actors Target Your Defenses | |
| CERT-EU | a year ago | Locky Ransomware 101: Everything You Need to Know | |
| BankInfoSecurity | a year ago | Moscow Court Convicts Former Group-IB Chief for Treason | |
| CERT-EU | a year ago | Jailed On Treason Charges, A Russian Cybersecurity Exec Goes On The Offensive | #cybercrime | #infosec | National Cyber Security Consulting |