Dunghill Leak

Malware Profile Updated 3 months ago
Dunghill Leak, a relatively new ransomware group, emerged into public view on September 8, 2023, claiming responsibility for a significant cyberattack on the systems of the global travel booking giant Sabre. The group allegedly stole around 1.3 terabytes of data, including databases on ticket sales and passenger turnover, employees' personal data, and corporate financial information. The breach was publicly announced on Dunghill Leak's dark web leak site, showcasing the group's boldness and its willingness to publicize its actions.

The origins of Dunghill Leak trace back to two previous strains of ransomware: Dark Angels and Babuk. Security researchers at Malwarebytes have identified this lineage, suggesting that Dunghill Leak is essentially a rebranded version of Dark Angels, which itself evolved from Babuk. Despite this continuity, little else is known about Dunghill Leak, making it a challenging threat to predict and counter.

In addition to Sabre, Dunghill Leak has claimed credit for cyberattacks on other prominent companies, such as coin-operated game maker Incredible Technologies, food giant Sysco, and automotive products manufacturer Gentex. In one instance, the group boasted of having access to 500 GB of a company's data, including game files and tax payment reports. These actions demonstrate Dunghill Leak's capacity to target a wide range of industries, further enhancing its reputation as a formidable and versatile cyber threat.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you may also want to look at.
ID: Babuk
Votes: 2
Profile Description: Babuk is a type of malware, specifically ransomware, which is designed to infiltrate systems and hold data hostage for ransom. It can be delivered through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside a system, Babuk can disrupt operations and steal perso

ID: Dark Angels
Votes: 2
Profile Description: Dark Angels is a recognized threat actor, or hacking team, known for its malicious activities in the cybersecurity landscape. This group is primarily involved in executing ransomware attacks, where they encrypt a victim's data and demand payment for its release. However, their modus operandi also in
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransomware
Extortion
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the Dunghill Leak malware was read from the documents corpus below.
Source: CERT-EU
Created At: a year ago
Title: Ransomware gang claims credit for Sabre data breach | #ransomware | #cybercrime | National Cyber Security Consulting

Source: Malwarebytes
Created At: a year ago
Title: Ransomware review: May 2023

Source: CERT-EU
Created At: a year ago
Title: New ransomware group Dunghill Leak claims responsibility for Sabre cyberattack

Source: CERT-EU
Created At: a year ago
Title: Ransomware gang claims credit for Sabre data breach | TechCrunch