Alias Description | Votes |
---|---|
REvil is a possible alias for Gandcrab. REvil, also known as Sodinokibi, is a malicious software (malware) that operates on a Ransomware as a Service (RaaS) model. This model became increasingly popular in 2020, with first-stage malware like Dridex and Gootkit being linked to ransomware attacks such as BitPaymer and REvil respectively. Th | 7 |
Dridex is a possible alias for Gandcrab. Dridex is a notorious malware, specifically a banking Trojan, designed to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites. This malicious software was primarily used by the Russian cybercriminal group, Evil Corp, founded in 2014. The group ta | 2 |
Team Truniger is a possible alias for Gandcrab. Team Truniger, also known as Snatch, is a threat actor group that first emerged in 2018. The group was initially named after the online handle of its founder and organizer, Truniger, who had previously worked as an affiliate of the GandCrab ransomware-as-a-service operation. According to a joint adv | 2 |
Sodinokibi is a possible alias for Gandcrab. Sodinokibi, also known as REvil, is a highly active and impactful threat actor first identified in April 2019. Operating as a ransomware-as-a-service (RaaS), this group has been responsible for a significant proportion of global ransomware incidents. In 2020, Sodinokibi ransomware attacks accounted | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Vidar Malware is associated with Gandcrab. Vidar is a malicious software (malware) that primarily targets Windows systems, written in C++ and based on the Arkei stealer. It has historically been favored by threat actors who sell logs through marketplaces like 2easy, alongside other infostealers such as Raccoon, RedLine, and AZORult. The malw | Unspecified | 2 |
The Lockbit Malware is associated with Gandcrab. LockBit is a prominent ransomware-as-a-service (RaaS) malware that has been involved in numerous cyberattacks, demonstrating its staying power and adaptability. The malware, which can infiltrate systems through suspicious downloads, emails, or websites, is designed to exploit and damage computers or | Unspecified | 2 |
The Snatch Malware is associated with Gandcrab. Snatch is a type of malware, specifically a ransomware, that poses significant threats to digital security. This malicious software infiltrates systems typically via suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside a system, Snatch can cause extensive damage, inc | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The GOLD SOUTHFIELD Threat Actor is associated with Gandcrab. Gold Southfield is a threat actor group known for its malicious cyber activities. Secureworks® Counter Threat Unit™ (CTU) researchers have found significant overlaps in the code structure of LV ransomware and REvil, a ransomware operated by Gold Southfield. This suggests that Gold Southfield may hav | Unspecified | 2 |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
InfoSecurity-magazine | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | 2 years ago | ||
CERT-EU | 2 years ago | ||
CERT-EU | a year ago | ||
MITRE | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
BankInfoSecurity | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | 2 years ago | ||
CERT-EU | 2 years ago | ||
CERT-EU | a year ago |