Dunghill Leak

Malware Profile Updated 24 days ago
Dunghill Leak, a relatively new ransomware group, emerged into public view on September 8, 2023, claiming responsibility for a significant cyberattack on the systems of global travel booking giant Sabre. The group allegedly stole around 1.3 terabytes of data, including databases on ticket sales and passenger turnover, employees' personal data, and corporate financial information. The breach was announced publicly on Dunghill Leak's dark web leak site, showcasing the group's boldness and its willingness to publicize its actions.

The origins of Dunghill Leak trace back to two previous strains of ransomware: Dark Angels and Babuk. Security researchers at Malwarebytes have identified this lineage, suggesting that Dunghill Leak is essentially a rebranded version of Dark Angels, which itself evolved from Babuk. Despite this continuity, little else is known about Dunghill Leak, making it a challenging threat to predict and counter.

In addition to Sabre, Dunghill Leak has claimed credit for cyberattacks on other prominent companies, such as coin-operated game maker Incredible Technologies, food giant Sysco, and automotive products manufacturer Gentex. In one instance, the group boasted of having access to 500 GB of a company's data, including game files and tax payment reports. These actions demonstrate Dunghill Leak's capacity to target a wide range of industries, further enhancing its reputation as a formidable and versatile cyber threat.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID | Votes | Profile Description
Babuk | 2 | Babuk is a form of malware, specifically ransomware, that infiltrates systems often through suspicious downloads, emails, or websites. Once inside, it can cause severe disruptions, steal personal data, or even hold the system's data hostage for ransom. Various versions and variants of Babuk ransomwa
Dark Angels | 2 | Dark Angels, a threat actor or hacking team, has been involved in various high-profile cyberattacks with malicious intent. This group is known for its ransomware attacks, where they encrypt a victim's data and demand a ransom to restore access. The Dark Angels have targeted multiple companies, demon
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransomware
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the Dunghill Leak Malware was read from the documents corpus below.
Source | Created At | Title
Malwarebytes | a year ago | Ransomware review: May 2023
CERT-EU | 9 months ago | Ransomware gang claims credit for Sabre data breach | TechCrunch
CERT-EU | 9 months ago | Ransomware gang claims credit for Sabre data breach | #ransomware | #cybercrime | National Cyber Security Consulting
CERT-EU | 9 months ago | New ransomware group Dunghill Leak claims responsibility for Sabre cyberattack