| ID | Votes | Profile Description |
|---|
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Qbot | Unspecified | 3 | Qbot, also known as Qakbot or Pinkslipbot, is a modular information-stealing malware that emerged in 2007 as a banking trojan. Over the years, it has evolved into an advanced malware strain used by multiple cybercriminal groups to compromise networks and prepare them for ransomware attacks. The firs |
| Conti | Unspecified | 3 | Conti is a type of malware, specifically ransomware, known for its ability to disrupt operations, steal personal information, and hold data hostage for ransom. The malicious software infiltrates systems via suspicious downloads, emails, or websites, often unbeknownst to the user. It has been used in |
| ProLock | Unspecified | 2 | ProLock is a type of malware, specifically ransomware, that is designed to infiltrate computer systems, often unbeknownst to the user. It typically enters systems through suspicious downloads, emails, or websites. Once inside, ProLock can steal personal information, disrupt operations, and hold data |
| REvil | Unspecified | 2 | REvil is a notorious form of malware, specifically ransomware, that infiltrates systems to disrupt operations and steal data. The ransomware operates on a Ransomware as a Service (RaaS) model, which gained traction in 2020. In this model, REvil, like other first-stage malware such as Dridex and Goot |
| MegaCortex | Unspecified | 2 | MegaCortex is a type of malware known for its harmful effects on computer systems and devices. It was identified by Dragos, a cybersecurity firm, as having a relationship with another ransomware called EKANS. Both MegaCortex and EKANS have specific characteristics that pose unique risks to industria |
| Black Basta | Unspecified | 2 | Black Basta is a notorious malware entity known for its devastating ransomware attacks. First emerging in June 2022, the group has since been associated with a series of high-profile cyber-attacks worldwide. This malware, like others, infiltrates systems through suspicious downloads, emails, or webs |
| QakBot | Unspecified | 2 | Qakbot is a potent malware, a malicious software designed to exploit and damage computer systems. It can infiltrate systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it has the potential to steal personal information, disrupt operations, or e |
| Ursnif | Unspecified | 1 | Ursnif, also known as Gozi or ISFB, is a type of malware that poses significant threats to computer systems and user data. It's often distributed through suspicious downloads, emails, or websites, infiltrating systems without the user's knowledge. Once installed, Ursnif can steal personal informatio |
| Emotet | Unspecified | 1 | Emotet is a highly dangerous and insidious malware that has resurfaced with increased activity this summer. Originally distributed via email attachments, it infiltrates systems often without the user's knowledge, forming botnets under the control of criminals for large-scale attacks. Once infected, |
| Ryuk | Unspecified | 1 | Ryuk is a sophisticated malware, specifically a ransomware variant, that has been extensively used by cybercriminal group ITG23. The group has been employing crypting techniques for several years to obfuscate their malware, with Ryuk often seen in tandem with other malicious software such as Trickbo |
| Maze Ransomware | Unspecified | 1 | Maze ransomware is a type of malware that emerged in 2019, employing a double extortion tactic to wreak havoc on its victims. This malicious software infiltrates systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data hostage for |
| Cobaltstrike | Unspecified | 1 | CobaltStrike is a notorious form of malware that has been used in conjunction with other malicious software including IcedID, Qakbot, BazarLoader, Conti, Gozi, Trickbot, Quantum, Emotet, and Royal Ransomware. This malware is typically delivered through suspicious downloads, emails, or websites, ofte |
| Doppelpaymer | Unspecified | 1 | DoppelPaymer is a form of malware, specifically ransomware, known for its high-profile attacks on large organizations and municipalities. Originally based on the BitPaymer ransomware, DoppelPaymer was reworked and renamed by the threat group GOLD HERON, after initially being operated by GOLD DRAKE. |
| Hades Ransomware | Unspecified | 1 | Hades ransomware is a variant of the WastedLocker malware, which is designed to exploit and damage computers or devices. It was observed by CTU researchers being used in conjunction with Advanced Port Scanner, MegaSync, and Malleable C2 tools in various cyberattack incidents. These tools have been l |
| Maze | Unspecified | 1 | Maze is a type of malware, specifically ransomware, that gained notoriety in 2019 for its double extortion tactic. This malicious software infects systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data hostage for ransom. Maze w |
| Lockbit | Unspecified | 1 | LockBit is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. It can enter your system through various channels such as suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt |
| Pysa | Unspecified | 1 | Pysa is a type of ransomware, a malicious software designed to exploit and damage computer systems by encrypting data and demanding ransom for its decryption. The Pysa ransomware group, known for its organizational hierarchy that includes senior executives, system admins, developers, recruiters, HR, |
| Clop | Unspecified | 1 | Clop is a notorious malware, short for malicious software, known for its disruptive and damaging effects on computer systems. It primarily infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, Clop can steal personal information, disrupt o |
| Diavol | Unspecified | 1 | Diavol is a type of malware, specifically ransomware, that infiltrates systems to exploit and cause damage. It can infect systems through various channels such as suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, Diavol can steal personal information, disrupt ope |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Alphv | Unspecified | 2 | AlphV, also known as BlackCat, is a notable threat actor in the cybersecurity landscape. This group has been involved in numerous high-profile attacks, including stealing 5TB of data from Morrison Community Hospital and compromising Clarion, a global manufacturer of audio and video equipment for car |
| 8base | Unspecified | 1 | 8base, a significant threat actor in the cybersecurity landscape, has been active between April 2022 and May 2023. This group, while not new, has recently increased its visibility with the activation of a public leak site used to pressure victims into paying ransoms. In the last month alone, 8base o |
| Hades | Unspecified | 1 | Hades is a notable threat actor, known for its distinctive tactics and infrastructure in executing cyber attacks. The cybersecurity industry first observed Hades' operations in June 2021, with its activities marked by the use of advanced tools such as Advanced Port Scanner, MegaSync, Rclone, and Mal |
| Sodinokibi | Unspecified | 1 | Sodinokibi, also known as REvil, is a significant threat actor first identified in April 2019. This ransomware family operates as a Ransomware-as-a-Service (RaaS) and has been responsible for one in three ransomware incidents responded to by IBM Security X-Force in 2020. The Sodinokibi ransomware st |
| Gandcrab | Unspecified | 1 | GandCrab, a threat actor, is known for its malicious activities involving ransomware attacks. Originating from Russian origins and evolving from Team Truniger, a former GandCrab affiliate, the group has been linked to numerous ransomware variants including Bad Rabbit, LockBit 2.0, STOP/DJVU, and REv |
| Wizard Spider | Unspecified | 1 | Wizard Spider, also known as ITG23, DEV-0193, Trickbot Group, Fin12, and Grimspider, is a significant threat actor in the cybercrime landscape. This group has been continually analyzed by IBM Security X-Force researchers for its use of several crypters and is credited with creating the notorious, ev |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| CVE-2018-15982 | Unspecified | 1 | None |
| Source | CreatedAt | Title |
|---|---|---|
| CERT-EU | 7 months ago | Examples of Past and Current Attacks | #ransomware | #cybercrime | National Cyber Security Consulting |
| CERT-EU | 7 months ago | The law enforcement operations targeting cybercrime in 2023 |
| Securityaffairs | 7 months ago | Video game giant Ubisoft investigates reports of a data breach |
| MITRE | 7 months ago | Threat Assessment: Black Basta Ransomware |
| CERT-EU | 8 months ago | Defend Against Cyber Threats: Understanding Each Ransomware Type |
| DARKReading | 10 months ago | 'Gold Melody' Access Broker Plays on Unpatched Servers' Strings |
| CERT-EU | 10 months ago | GOLD MELODY: Profile of an Initial Access Broker |
| CERT-EU | 10 months ago | Cyber Group 'Gold Melody' Selling Compromised Access to Ransomware Attackers |
| CERT-EU | a year ago | How the FBI nuked Qakbot malware from infected Windows PCs |
| CERT-EU | a year ago | Qakbot botnet dismantled after infecting over 700,000 computers |
| CERT-EU | a year ago | What Is Double Extortion Ransomware? |
| CERT-EU | a year ago | Focus on DroxiDat/SystemBC – GIXtools |
| CERT-EU | a year ago | Focus on DroxiDat/SystemBC |
| CERT-EU | a year ago | 200+ Free Ransomware Decryption Tools You Need [2022 List] |
| InfoSecurity-magazine | a year ago | Manufacturing Sector Reeling From Financial Costs of Ransomware |
| CERT-EU | a year ago | News Alert: Lumu announces launch of new threat hunting service to come at Black Hat USA 2023 | The Last Watchdog |
| CERT-EU | a year ago | 8Base Ransomware Group Emerges as Major Threat |
| CERT-EU | a year ago | Regis Aged Care upgrades endpoint security |
| MITRE | a year ago | Cybereason vs. Conti Ransomware |
| MITRE | a year ago | Diavol - A New Ransomware Used By Wizard Spider? | Fortinet |