ID | Votes | Profile Description |
---|---|---|
REvil | 7 | REvil is a notorious form of malware, specifically ransomware, that infiltrates systems to disrupt operations and steal data. The ransomware operates on a Ransomware as a Service (RaaS) model, which gained traction in 2020. In this model, REvil, like other first-stage malware such as Dridex and Goot |
Sodinokibi | 2 | Sodinokibi, also known as REvil, is a significant threat actor first identified in April 2019. This ransomware family operates as a Ransomware-as-a-Service (RaaS) and has been responsible for one in three ransomware incidents responded to by IBM Security X-Force in 2020. The Sodinokibi ransomware st |
Dridex | 2 | Dridex is a well-known malware, specifically a banking Trojan, that has been utilized by cybercriminals to exploit and damage computer systems. The malware infiltrates systems through dubious downloads, emails, or websites, often unbeknownst to the user, and can steal personal information, disrupt o |
Team Truniger | 2 | Team Truniger, also known as Snatch, is a threat actor group that first emerged in 2018. The group was initially named after the online handle of its founder and organizer, Truniger, who had previously worked as an affiliate of the GandCrab ransomware-as-a-service operation. According to a joint adv |
Krab | 1 | Krab, a threat actor, has been identified as a significant player in the cybersecurity landscape. This group, which could be an individual, a private company, or part of a government entity, is responsible for executing actions with malicious intent. The naming conventions within the cybersecurity i |
Dreamsmasher | 1 | None |
Quant Loader | 1 | Quant Loader is a significant threat actor in the realm of cybersecurity, known for executing actions with malicious intent. It has been linked to various malware campaigns, distributing harmful software such as GandCrab ransomware, DreamSmasher, Dridex, and itself - Quant Loader. The threat actor o |
ID | Type | Votes | Profile Description |
---|---|---|---|
Vidar | Unspecified | 2 | Vidar is a Windows-based malware written in C++, derived from the Arkei stealer, which is designed to infiltrate and exploit computer systems. It has been used alongside other malware variants such as Emotet, IcedID, CobaltStrike, SVCReady, CargoBay, Pushdo, Minodo, DiceLoader, AresLoader, LummaC2, |
Lockbit | Unspecified | 2 | LockBit is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. It can enter your system through various channels such as suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt |
Snatch | Unspecified | 2 | Snatch is a type of malware, specifically ransomware, designed to infiltrate systems undetected, often through suspicious downloads, emails, or websites. Once inside the system, it can wreak havoc by stealing personal information, disrupting operations, or holding data hostage for ransom. The Snatch |
Nemty | Unspecified | 1 | Nemty is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. It was developed by a cybercriminal group known as farnetwork, which has been active since 2019. Farnetwork has been involved in several ransomware projects, including JSWORM, Nefilim, Karma, an |
Maze | Unspecified | 1 | Maze is a type of malware, specifically ransomware, that gained notoriety in 2019 for its double extortion tactic. This malicious software infects systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data hostage for ransom. Maze w |
Smokeloader | Unspecified | 1 | SmokeLoader is a malicious software (malware) that has been extensively used by threat actors, particularly those associated with the Phobos ransomware. It functions as a backdoor trojan, often arriving on victims' systems via spoofed email attachments embedded with hidden payloads. Once downloaded, |
Gozi Isfb | Unspecified | 1 | Gozi ISFB, also known as Ursnif and Dreambot, is a malicious software (malware) that has been actively developed and distributed worldwide. This malware is designed to exploit computer systems, primarily targeting the banking and financial sectors by stealing passwords and credentials from victims. |
Egregor | Unspecified | 1 | Egregor is a variant of the Sekhmet ransomware and operates as Ransomware-as-a-Service (RaaS). It emerged in 2020, suspected to be from former Maze affiliates. Known for its double extortion tactics, Egregor publicly shames its victims by leaking sensitive data if the ransom isn't paid. In one notab |
Jssloader | Unspecified | 1 | JssLoader is a malware often used by the ransomware gang FIN7, also known as Sangria Tempest, Elbrus, Carbon Spider, and others. This malicious software is typically delivered through deceptive tactics such as email lures, including invoice- and payment-themed decoy messages that trick users into do |
Bad Rabbit | Unspecified | 1 | Bad Rabbit is a notorious malware that emerged in October 2017, primarily targeting corporate networks. It operates as ransomware, encrypting the victim's files and disk while offering a means of decryption for a ransom. The malicious software uses fake Adobe Flash installer advertisements to lure v |
Dreambot | Unspecified | 1 | Dreambot, also known as Ursnif and Gozi ISFB, is a malicious software (malware) designed to steal passwords and credentials, primarily targeting the banking and financial sectors. It has been described by threat researchers as "frighteningly lucrative," compared to the already profitable cybercrime |
Conti | Unspecified | 1 | Conti is a type of malware, specifically ransomware, known for its ability to disrupt operations, steal personal information, and hold data hostage for ransom. The malicious software infiltrates systems via suspicious downloads, emails, or websites, often unbeknownst to the user. It has been used in |
Ryuk | Unspecified | 1 | Ryuk is a sophisticated malware, specifically a ransomware variant, that has been extensively used by cybercriminal group ITG23. The group has been employing crypting techniques for several years to obfuscate their malware, with Ryuk often seen in tandem with other malicious software such as Trickbo |
ID | Type | Votes | Profile Description |
---|---|---|---|
GOLD SOUTHFIELD | Unspecified | 2 | Gold Southfield is a threat actor group known for its malicious cyber activities. Secureworks® Counter Threat Unit™ (CTU) researchers have found significant overlaps in the code structure of LV ransomware and REvil, a ransomware operated by Gold Southfield. This suggests that Gold Southfield may hav |
Pinchy Spider | Unspecified | 1 | Pinchy Spider is a prominent threat actor in the cybersecurity landscape, notorious for its involvement in ransomware and data extortion activities. The group emerged as a significant player with the advent of Ransomware-as-a-Service (RaaS), vowing to be the first ransomware gang to amass $2 billion |
Sodin | Unspecified | 1 | Sodin, also known as Sodinokibi or REvil, is a sophisticated threat actor that emerged in the first half of 2019. This entity quickly drew attention due to its unique methods of distribution and attack. It exploited an Oracle Weblogic vulnerability to distribute itself and targeted Managed Service P |
8base | Unspecified | 1 | 8base, a significant threat actor in the cybersecurity landscape, has been active between April 2022 and May 2023. This group, while not new, has recently increased its visibility with the activation of a public leak site used to pressure victims into paying ransoms. In the last month alone, 8base o |
ID | Type | Votes | Profile Description |
---|---|---|---|
Pinchy Spider Gold Southfield | Unspecified | 1 | None |
Source | CreatedAt | Title |
---|---|---|
InfoSecurity-magazine | 6 months ago | Why Bulletproof Hosting is Key to Cybercrime-as-a-Service |
CERT-EU | 6 months ago | Banco Promerica Data Breach: Facing Dual Ransomware Threats \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware \| National Cyber Security Consulting |
CERT-EU | 7 months ago | Examples of Past and Current Attacks \| #ransomware \| #cybercrime \| National Cyber Security Consulting |
CERT-EU | 7 months ago | HHS Issues First Settlement for HIPAA Violations Related to a Ransomware Attack \| Hall Benefits Law \| #ransomware \| #cybercrime \| National Cyber Security Consulting |
CERT-EU | a year ago | Triple Extortion and Erased Data are the New Ransomware Norm \| #ransomware \| #cybercrime – National Cyber Security Consulting |
CERT-EU | a year ago | Unmasking Cybercrime-as-a-Service: The Dark Side of Digital Convenience |
CERT-EU | 7 months ago | Healthcare Industry Cybersecurity at the Close of 2023 |
MITRE | 7 months ago | The Evolution of PINCHY SPIDER from GandCrab to REvil \| CrowdStrike |
CERT-EU | 8 months ago | New Phobos ransomware variant implicates VX-Underground |
CERT-EU | 8 months ago | LockBit ransomware exploits Citrix Bleed in attacks, 10K servers exposed |
CERT-EU | 9 months ago | BA Depicted by OCR as Example of Ransomware Dangers Recovered Quickly, Didn’t Expect Fine |
CERT-EU | 9 months ago | HHS Settles with Doctors’ Management Services Over Ransomware Attack |
CERT-EU | 9 months ago | Medical firm reaches $100,000 settlement with HHS over 2017 ransomware attack |
CERT-EU | 9 months ago | Telehealth & Telecare Aware |
BankInfoSecurity | 9 months ago | Feds Levy First-Ever HIPAA Fine for Ransomware Data Breach |
CERT-EU | 10 months ago | #StopRansomware: Snatch Ransomware \| CISA |
CERT-EU | a year ago | 200+ Free Ransomware Decryption Tools You Need [2022 List] |
CERT-EU | a year ago | How the US Government is Fighting Back Against Ransomware \| #ransomware \| #cybercrime – National Cyber Security Consulting |
CERT-EU | a year ago | 6 Best Ransomware Recovery Services for 2023 \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware - National Cyber Security Consulting |
CERT-EU | a year ago | 8Base Ransomware Group Emerges as Major Threat |