Alias Description | Votes |
---|---|
Hive Ransomware is a possible alias for Hive. Hive ransomware, a prominent threat actor active in 2022, was known for its widespread malicious activities in numerous countries, including the US. The group's modus operandi involved the use of SharpRhino, which upon execution, established persistence and provided remote access to the attackers, e | 10 |
Hunters International is a possible alias for Hive. Hunters International, an active threat actor group since October of the previous year, has been identified as a significant cybersecurity concern. The group has taken over and rebranded the Hive ransomware, despite their disputes about this association. This development followed the disbandment of | 5 |
AvosLocker is a possible alias for Hive. AvosLocker is a type of malware, specifically ransomware, known for its malicious intent to exploit and damage computer systems. This software often infiltrates systems undetected through suspicious downloads, emails, or websites, subsequently causing disruption in operations, theft of personal info | 4 |
Akira is a possible alias for Hive. Akira is a form of malware, specifically ransomware, that has been involved in a significant number of cyber attacks since its first appearance. It has been particularly active since August 2024, when it was observed by Arctic Wolf Labs to be used in conjunction with another ransomware called Fog. T | 3 |
Zeon is a possible alias for Hive. Zeon, a known threat actor in the cybersecurity landscape, has been linked to several high-profile ransomware attacks. It was instrumental in crypting SVCReady and CargoBay loaders, observed in Quantum and Royal ransomware attacks respectively. Zeon has also employed third-party ransomware such as B | 2 |
Volt Typhoon is a possible alias for Hive. Volt Typhoon, identified as a People’s Republic of China state-sponsored group, is a prominent threat actor targeting critical infrastructure industries, including healthcare. The group has demonstrated strong operational security and the ability to obfuscate their malware, making them particularly | 2 |
Royal Ransomware is a possible alias for Hive. The Royal Ransomware, a harmful malware program designed to exploit and damage computer systems, operated from September 2022 through June 2023. It employed multi-threaded encryption to disrupt operations and hold data hostage for ransom. The ransomware was primarily disseminated through suspicious | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The Conti Malware is associated with Hive. Conti is a notorious type of malware, specifically ransomware, that infiltrates computer systems to steal data and disrupt operations. The malicious software often spreads through suspicious downloads, emails, or websites, and once inside, it can hold data hostage for ransom. The Conti ransomware op | Unspecified | 7 |
The REvil Malware is associated with Hive. REvil, a notorious ransomware, emerged as a significant threat to cybersecurity in the context of an increasing trend towards Ransomware as a Service (RaaS) model in 2020. It is connected with other first-stage malware such as Gootkit and Dridex, which pave the way for the REvil ransomware attack. T | Unspecified | 5 |
The Babuk Malware is associated with Hive. Babuk is a form of malware, specifically ransomware, that infiltrates computer systems and encrypts files, rendering them inaccessible to the user. It typically infects systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can disrupt operatio | Unspecified | 5 |
The LockerGoga Malware is associated with Hive. LockerGoga is a type of malware, specifically ransomware, that infiltrates computer systems and holds data hostage until a ransom is paid. This malicious software was notably deployed in an attack against Norsk Hydro in March 2019. The malware was distributed by the threat group FIN6, which traditio | Unspecified | 4 |
The MegaCortex Malware is associated with Hive. MegaCortex is a type of malware known for its harmful effects on computer systems and devices. It was identified by Dragos, a cybersecurity firm, as having a relationship with another ransomware called EKANS. Both MegaCortex and EKANS have specific characteristics that pose unique risks to industria | Unspecified | 4 |
The Black Basta Malware is associated with Hive. Black Basta is a notorious malware group known for its sophisticated ransomware attacks, which have targeted numerous high-profile entities. The group has demonstrated a remarkable ability to adapt their tactics, techniques, and procedures (TTPs), allowing them to effectively evade security defenses | is related to | 4 |
The Hive Ransomware Gang Malware is associated with Hive. The Hive ransomware gang, a malicious group known for exploiting and damaging computer systems through harmful software, was significantly disrupted by the Federal Bureau of Investigation (FBI) in a series of operations. Six months ago, according to the US Department of Justice (DOJ), the FBI infilt | Unspecified | 4 |
The Ragnar Locker Malware is associated with Hive. Ragnar Locker is a type of malware, specifically ransomware, known for its destructive impact on computer systems. It infiltrates systems primarily through suspicious downloads, emails, or websites, and once inside, it can steal personal information, disrupt operations, or hold data hostage for rans | Unspecified | 3 |
The HELLOKITTY Malware is associated with Hive. HelloKitty is a malicious software (malware) that has been designed to exploit and damage computer systems. It can infiltrate systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can steal personal information, disrupt operations, or even hold dat | Unspecified | 3 |
The TrickBot Malware is associated with Hive. TrickBot is a notorious malware developed by cybercriminals to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites. This malicious software can steal personal information, disrupt operations, or even hold data hostage for ransom. Vladimir Dunaev, | Unspecified | 3 |
The QakBot Malware is associated with Hive. Qakbot is a potent piece of malware, or malicious software, that infiltrates computer systems through suspicious downloads, emails, or websites. Once installed, it can steal personal information, disrupt operations, or even hold data hostage for ransom. This malware, built by various groups includin | Unspecified | 3 |
The Blackbasta Malware is associated with Hive. BlackBasta is a notorious malware, particularly known for its ransomware attacks. The group behind it has been linked with other harmful software such as IcedID, NetSupport, Gozi, PikaBot, Pushdo, Quantum, Royal, and Nokoyawa. Artifacts and indicators of compromise (IoCs) suggest a possible relation | Unspecified | 3 |
The Karakurt Malware is associated with Hive. Karakurt is a malicious software (malware) that has been linked to significant data extortion activities. The malware is affiliated with the notorious Conti cybercrime syndicate and ITG23, which are known for their disruptive operations, including data theft and ransom demands. In 2023, there was a | Unspecified | 3 |
The Bumblebee Malware is associated with Hive. Bumblebee is a type of malware that has been linked to ITG23, a cyber threat group. Over the past year, it has been used in conjunction with other initial access malware such as Emotet, IcedID, Qakbot, and Gozi during ITG23 attacks. The same values for self-signed certificates seen in Bumblebee hav | Unspecified | 2 |
The Hunters Malware is associated with Hive. Malware hunters, also known as bug hunters, are cybersecurity professionals who search for vulnerabilities in systems that can be exploited by malicious software (malware). In 2023, at the Pwn2Own Toronto event, these experts earned a total of $1,038,250 for identifying 58 unique zero-day vulnerabil | Unspecified | 2 |
The Ryuk Malware is associated with Hive. Ryuk is a type of malware known as ransomware, which has been utilized by the threat group ITG23 for several years. This group has been notorious for crypting their malware, with crypters seen in use with other malware such as Trickbot, Emotet, Cobalt Strike, and Ryuk. In 2019, most ransomware inves | Unspecified | 2 |
The Emotet Malware is associated with Hive. Emotet is a notorious malware, short for malicious software, that is designed to exploit and damage computers or devices. It can infiltrate systems through suspicious downloads, emails, or websites, often unbeknownst to the user, with the potential to steal personal information, disrupt operations, | Unspecified | 2 |
The Avaddon Malware is associated with Hive. Avaddon is a type of malware, specifically ransomware, designed to exploit and damage computer systems. It was notable for its compatibility with older systems such as Windows XP and Windows 2003, distinguishing it from other ransomware like Darkside and Babuk which targeted more modern systems like | Unspecified | 2 |
The Nokoyawa Malware is associated with Hive. Nokoyawa is a prominent malware, specifically ransomware, that has been linked to numerous cybercrime activities since it first emerged in 2022. It has been associated with various other malware families including Quantum, Royal, BlackBasta, and a variety of others such as Emotet, IcedID, CobaltStri | is related to | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The Blackmatter Threat Actor is associated with Hive. BlackMatter is a recognized threat actor in the cybersecurity industry, notorious for its malicious activities and the execution of ransomware attacks. The group initially operated as DarkSide, responsible for the high-profile Colonial Pipeline attack in May 2021, which led to significant attention | Unspecified | 4 |
The DarkSide Threat Actor is associated with Hive. DarkSide is a threat actor known for its malicious activities, primarily in the realm of ransomware attacks. One of their most notable exploits occurred on May 7, 2021, when they targeted Colonial Pipeline Co., a major player in the U.S. energy sector. The attack disrupted the gasoline supply across | Unspecified | 3 |
The Vice Society Threat Actor is associated with Hive. Vice Society, a threat actor or hacking team with malicious intent, has been active since 2022 and has made significant waves in the cybersecurity world. The group is known for deploying various forms of ransomware, including BlackCat, Quantum Locker, Zeppelin, and their own branded variant of Zeppe | Unspecified | 3 |
The Bl00dy Threat Actor is associated with Hive. Bl00dy is a threat actor known for its malicious activities in the cyber world. The group, along with another threat actor called Black Basta, has recently been identified as exploiting bugs in ConnectWise ScreenConnect, a popular remote management tool. This exploitation has led to a significant i | Unspecified | 2 |
The Qilin Threat Actor is associated with Hive. Qilin, a threat actor known for its malicious activities in cyberspace, has been on the rise, with its victim count increasing by 44% to reach 140 in Q3. This group is part of the Octo Tempest group which recently added RansomHub and Qilin ransomware to its arsenal, enhancing its capabilities to | Unspecified | 2 |
The Mikhail Pavlovich Matveev Threat Actor is associated with Hive. Mikhail Pavlovich Matveev, a Russian national also known by online monikers Wazawaka, m1x, Boriselcin, and Uhodiransomwar, has been identified as a major threat actor in the world of cybersecurity. Matveev is among five Russians charged in connection with Lockbit, a group widely recognized as one of | Unspecified | 2 |
The Wazawaka Threat Actor is associated with Hive. Wazawaka, identified by the FBI as Mikhail Matveev, is a significant threat actor in the cybercrime landscape. Known for his affiliations with multiple ransomware groups, including LockBit, throughout 2020 and 2021, he became a central figure in the Babuk ransomware-as-a-service gang. Matveev's oper | Unspecified | 2 |
The Boriselcin Threat Actor is associated with Hive. Mikhail Pavlovich Matveev, also known as Boriselcin, is a threat actor that has been implicated in significant cybercrime activities. Beginning at least as early as 2020, Matveev has been allegedly involved in deploying three ransomware variants: LockBit, Babuk, and Hive. These attacks targeted vari | Unspecified | 2 |
The Uhodiransomwar Threat Actor is associated with Hive. Uhodiransomwar, also known as Mikhail Pavlovich Matveev, Wazawaka, m1x, and Boriselcin, is a significant threat actor in the cybersecurity landscape. A Russian national aged 30, Matveev has been implicated in a series of malicious cyber activities since at least 2020. He is alleged to have participa | Unspecified | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The vulnerability CVE-2021-34523 is associated with Hive. | Unspecified | 2 |
The vulnerability CVE-2020-12812 is associated with Hive. | Unspecified | 2 |
The CVE-2021-31207 Vulnerability is associated with Hive. CVE-2021-31207 is a significant software vulnerability that has been exploited by APT40, a group known for rapidly taking advantage of newly public vulnerabilities in widely used software. This particular vulnerability affects Atlassian Confluence and Microsoft Exchange, among other platforms, and a | Unspecified | 2 |
The vulnerability CVE-2021-42321 is associated with Hive. | Unspecified | 2 |
The CVE-2021-34473 Vulnerability is associated with Hive. CVE-2021-34473 is a significant software vulnerability that was discovered in Microsoft Exchange Server. This flaw, along with two others (CVE-2021-31207 and CVE-2021-34523), forms a chain of vulnerabilities known as ProxyShell. These vulnerabilities can be exploited together by remote attackers to | Unspecified | 2 |