ID | Type | Votes | Profile Description |
---|---|---|---|
FlawedGrace | Unspecified | 4 | FlawedGrace is a notorious malware, a remote access trojan (RAT), that has been used extensively in cyberattacks. It was first brought to light in June 2023 when The DFIR Report revealed its use in Truebot operations. In these operations, following the successful download of a malicious file, Truebo |
Clop | Unspecified | 2 | Clop is a notorious malware, short for malicious software, known for its disruptive and damaging effects on computer systems. It primarily infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, Clop can steal personal information, disrupt o |
Snatch | Unspecified | 1 | Snatch is a type of malware, specifically ransomware, designed to infiltrate systems undetected, often through suspicious downloads, emails, or websites. Once inside the system, it can wreak havoc by stealing personal information, disrupting operations, or holding data hostage for ransom. The Snatch |
Get2 Downloader | Unspecified | 1 | The Get2 downloader is a type of malware that has been recently used by the threat actor TA505 in its campaigns. The malicious software, which can infiltrate systems through suspicious downloads, emails, or websites, has been incorporated into new Microsoft Office macros. These macros are embedded w |
Dridex | Unspecified | 1 | Dridex is a well-known malware, specifically a banking Trojan, that has been utilized by cybercriminals to exploit and damage computer systems. The malware infiltrates systems through dubious downloads, emails, or websites, often unbeknownst to the user, and can steal personal information, disrupt o |
IcedID | Unspecified | 1 | IcedID is a malicious software (malware) designed to exploit and damage computer systems. It infects systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or even hold data hostage for ransom |
Sdbot | Unspecified | 1 | SDBot is a malicious software, or malware, that has been leveraged by threat actors known as TA505 and CL0P to exploit vulnerabilities in computer systems. It is used as a backdoor to enable the execution of commands and functions in the compromised computer, often without the user's knowledge. The |
Lobshot | Unspecified | 1 | Lobshot is a stealthy remote access malware that has been used by cybercriminals, notably Russian threat actors, in various malicious campaigns. It was featured alongside other well-known malware samples like DarkGate infostealer, Ducktail, and Redline in deceptive campaigns where it was embedded in |
Bazar | Unspecified | 1 | "Bazar" is a form of malware, a malicious software designed to exploit and damage computer systems. This harmful program can infiltrate systems via suspicious downloads, emails, or websites, often unbeknownst to the user. Once it gains access, it can steal personal information, disrupt operations, o |
QakBot | Unspecified | 1 | Qakbot is a potent malware, a malicious software designed to exploit and damage computer systems. It can infiltrate systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it has the potential to steal personal information, disrupt operations, or e |
FlawedAmmyy | Unspecified | 1 | FlawedAmmyy is a notable malware, specifically a Remote Access Trojan (RAT), that has been leveraged by threat actors for malicious purposes. The malware is designed to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites unbeknownst to the user. |
SDBbot | Unspecified | 1 | SDBbot is a malicious software (malware) that infiltrates computer systems typically through deceptive downloads, emails, or websites. In the context of cyber threats, it falls under the category of custom malware, used by threat groups such as GOLD TAHOE. Other common offensive security tools and c |
ID | Type | Votes | Profile Description |
---|---|---|---|
TA505 | Unspecified | 4 | TA505, also known as Cl0p Ransomware Gang and Lace Tempest, is a highly active and sophisticated cybercriminal group. The group has been associated with various high-profile cyber-attacks, demonstrating adaptability through a multi-vector approach to their operations. In June 2023, the U.S. Cybersec |
cl0p | Unspecified | 2 | Cl0p is a threat actor group that has emerged as the most used ransomware in March 2023, dethroning LockBit. The group has successfully exploited zero-day vulnerabilities in the past, but such attacks are relatively rare. Recent research by Malwarebytes highlights the bias of ransomware gangs for at |
Source | CreatedAt | Title |
---|---|---|
Flashpoint | a year ago | No title |
CISA | a year ago | #StopRansomware: CL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability | CISA |
CERT-EU | a year ago | #StopRansomware: CL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability – Cyber Safe NV |
MITRE | a year ago | Probable Iranian Cyber Actors, Static Kitten, Conducting Cyberespionage Campaign Targeting UAE and Kuwait Government Agencies |
MITRE | a year ago | TA505: A Brief History Of Their Time |
MITRE | a year ago | TA505 Distributes New SDBbot Remote Access Trojan with Get2 Downloader | Proofpoint US |
MITRE | a year ago | Threat Assessment: Clop Ransomware |
MITRE | a year ago | Cybereason vs. Cl0p Ransomware |
Secureworks | a year ago | Phases of a Post-Intrusion Ransomware Attack |
CERT-EU | a year ago | New Malware Granting Threat Actors Hidden VNC Access |