Eking

Malware updated 5 days ago (2024-11-29T14:19:45.270Z)
Eking is malware, specifically a variant of the Phobos ransomware family. Malware, or malicious software, is designed to infiltrate and damage computers without the user's consent. Eking can infect systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or hold data hostage for ransom. Eking, along with Eight, Elbie, Devos, and Faust, is among the most common Phobos variants based on the frequency of their appearance across analyzed samples. The cybersecurity research team at FortiGuard Labs has captured and reported several instances of Eking and other Phobos ransomware variants, and its analysis of these threats provides insight into their behavior and potential countermeasures. Eking in particular has been extensively studied by FortiGuard Labs, as evidenced by their detailed reports available online. Moreover, the malware commonly communicates via numerous email providers, including but not limited to gmx[.]com, tutanota[.]com, aol[.]com, protonmail[.]com, and gmail[.]com, which makes detection and tracking more challenging.
The Eking malware is associated with an extensive list of file extensions including, but not limited to, faust, actin, DIKE, Acton, actor, Acuff, FILE, Acuna, fullz, MMXXII, GrafGrafel, kmrox, s0m1n, qos, cg, ext, rdptest, S0va, 6y8dghklp, SHTORM, NURRI, GHOST, FF6OM6, blue, NX, BACKJOHN, OWN, FS23, 2QZ3, top, blackrock, CHCRBO, G-STARS, faust, unknown, STEEL, worry, WIN, duck, fopra, unique, acute, adage, make, Adair, MLF, magic, Adame, banhu, banjo, Banks, Banta, Barak, Caleb, Cales, Caley, calix, Calle, Calum, Calvo, deuce, Dever, devil, Devoe, Devon, Devos, dewar, eight, eject, eking, Elbie, elbow, elder, phobos, help, blend, bqux, com, mamba, KARLOS, DDoS, phoenix, PLUT, karma, bbc, capital, wallet, lks, tech, s1g2n3a4l, murk, makop, ebaka, jook, logan, fiasko, gucci, decrypt, ooh, non, grt, lizard, flscrypt, sdk, 2023, and vhdv. This extensive list of associated file extensions underscores the broad reach and potential impact of Eking malware.
Description last updated: 2024-05-04T22:33:24.746Z
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names and profiles you may also want to look at.
Alias Description | Votes
Devos is a possible alias for Eking. Devos is a variant of the Phobos ransomware, a type of malicious software designed to exploit and damage computer systems. According to open-source reports, Devos is likely connected to numerous other variants such as Elking, Eight, Backmydata, and Faust due to similar Tactics, Techniques, and Proce | 2
Phobos is a possible alias for Eking. Phobos is a form of malware, specifically ransomware, that has been active since May 2019. The operation utilizes a ransomware-as-a-service (RaaS) model and is responsible for numerous cyber attacks worldwide. Threat actors behind Phobos gained initial access to vulnerable networks through phishing | 2
Faust is a possible alias for Eking. Faust is a variant of the Phobos ransomware family, which has been linked to several other variants such as Elking, Eight, Devos, and Backmydata due to similarities in their tactics, techniques, and procedures (TTPs). The malware, Faust, represents a malicious software designed to exploit and damage | 2
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Source Document References
Information about the Eking Malware was read from the documents corpus below.