ID | Votes | Profile Description |
---|---|---|
Kamacite | 2 | Kamacite, a threat actor believed to be a unit of the Russian military intelligence service (GRU), has been observed targeting infrastructure across Europe, Ukraine, and the United States. This group is primarily focused on gaining initial access to networks using an implant known as Cyclops Blink. |
Seashell Blizzard | 1 | Seashell Blizzard, also known as Iridium, Sandworm, Voodoo Bear, and APT44, is a state-sponsored threat actor group affiliated with the Russian military intelligence service (GRU). Microsoft has identified this group as distinct from other Advanced Persistent Threat (APT) groups operating under the |
IRON VIKING | 1 | Iron Viking, a threat actor group also known as Sandworm, Telebots, Voodoo Bear, and other names, has been active since 2000. This group operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). Iron Viking is notorious for its destructive cyber-espi |
ID | Type | Votes | Profile Description |
---|---|---|---|
Amos | Unspecified | 2 | AMOS is a malicious software (malware) that targets Mac systems, with the ability to steal passwords, personal files, and cryptocurrency wallet information. It was first identified as part of the ClearFake campaign, which aimed to spread the macOS AMOS information stealer. The malware can infect bot |
Atomic Stealer | Unspecified | 1 | Atomic Stealer is a malicious software (malware) known for its ability to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites. It is designed to steal personal information, disrupt operations, and even hold data hostage for ransom. A new version |
Crashoverride | Unspecified | 1 | CrashOverride, also known as Industroyer, is a notorious malware that was leveraged in 2016 to disrupt Ukraine's power grid at the transmission substation level. This malicious software, believed to be state-sponsored by Russia, manipulated Industrial Control Systems (ICS) equipment through the abus |
Cyclops Blink | Unspecified | 1 | "Cyclops Blink" is a type of modular malware that emerged in 2019, designed to target network infrastructure. It was dubbed the "Son of VPNFilter" due to its similarities with the latter campaign. Specifically crafted to run on Linux systems, particularly those with 32-bit PowerPC architecture, Cycl |
ID | Type | Votes | Profile Description |
---|---|---|---|
Sandworm | Unspecified | 3 | Sandworm, a threat actor linked to Russia, has been implicated in numerous high-profile cyber attacks. This group's activities have primarily targeted Ukraine, compromising the country's critical infrastructure and telecommunications providers. The Sandworm group is known for its fileless attack met |
Hades | Unspecified | 1 | Hades is a notable threat actor, known for its distinctive tactics and infrastructure in executing cyber attacks. The cybersecurity industry first observed Hades' operations in June 2021, with its activities marked by the use of advanced tools such as Advanced Port Scanner, MegaSync, Rclone, and Mal |
Telebots | Unspecified | 1 | TeleBots, a notorious threat actor group also known as Sandworm, BlackEnergy, Iron Viking, Voodoo Bear, and Seashell Blizzard, has been identified as operating under the control of Unit 74455 of the Russian GRU's Main Center for Special Technologies (GTsST). Active since 2000, the group is recognize |
Voodoo Bear | Unspecified | 1 | VOODOO BEAR, also known as Sandworm, Seashell Blizzard, and other names such as Iridium, Iron Viking, Telebots, and APT44, is a highly advanced threat actor with a suspected nexus to the Russian Federation. First identified in January 2018, this group has been active since 2000 and operates under th |
XENOTIME | Unspecified | 1 | XENOTIME is a threat actor group that has been active since late 2018, gaining notoriety for its malicious cyber activities. The group was initially referred to as TEMP.Veles by FireEye, but this terminology was later replaced with the more cryptic "TRITON actor". Meanwhile, cybersecurity firm Drago |
Sandworm Team | Unspecified | 1 | The Sandworm Team, a threat actor associated with Russia's military intelligence-linked group, has demonstrated significant capabilities in developing custom malware to target Operational Technology (OT) and Industrial Control Systems (ICSs). Since at least 2015, the team has used the "BlackEnergy" |
Source | CreatedAt | Title |
---|---|---|
Fortinet | a month ago | Fickle Stealer Distributed via Multiple Attack Chain - FortiGuard Labs |
CERT-EU | a year ago | Atomic malware steals Mac passwords, crypto wallets, and more |
BankInfoSecurity | 5 months ago | Defending Operational Technology Environments: Basics Matter |
CERT-EU | 5 months ago | Dragos Reports Rise in Geopolitically Driven Attacks, Ransomware - National Cyber Security Consulting |
CERT-EU | 5 months ago | New macOS malware ‘Atomic Stealer’ delivers triple dose of misery |
Securityaffairs | 5 months ago | A Ukrainian Raccoon Infostealer operator is awaiting trial in the US |
CERT-EU | 6 months ago | Windows SmartScreen flaw exploited to drop Phemedrone malware |
Securityaffairs | 7 months ago | New Version of Meduza Stealer Released in Dark Web |
Checkpoint | 7 months ago | Rhadamanthys v0.5.0 - a deep dive into the stealer’s components - Check Point Research |
Securityaffairs | 8 months ago | ClearFake campaign spreads macOS AMOS information stealer |
Checkpoint | 10 months ago | Behind the Scenes of BBTok: Analyzing a Banker’s Server Side Components - Check Point Research |
Securityaffairs | a year ago | A malvertising campaign is delivering a new version of macOS Atomic Stealer |
CERT-EU | a year ago | Safeguard Your Investments: Discover the Most Secure Brokers for Crypto Trading |
CERT-EU | a year ago | Discover the New Stealer Malware on the Rise: Mystic Stealer |
MITRE | a year ago | ELECTRUM Threat Group - Dragos |
MITRE | a year ago | Spear Phishing Attacks Target Organizations in Ukraine, Payloads Include the Document Stealer OutSteel and the Downloader SaintBot |
CERT-EU | a year ago | Cyberattacks on Industrial Control Systems Jumped in 2022 |
CSO Online | a year ago | Attacks on industrial infrastructure on the rise, defenses struggle to keep up |
CERT-EU | a year ago | Hackers are again using Google Ads to distribute the FatalRAT malware |
CERT-EU | a year ago | APT Profile: Sandworm - SOCRadar® Cyber Intelligence Inc. |