ID | Votes | Profile Description |
---|---|---|
Lockbit | 11 | LockBit is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. It can enter your system through various channels such as suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt |
Blackmatter | 5 | BlackMatter is a recognized threat actor in the cybersecurity industry, notorious for its malicious activities and the execution of ransomware attacks. The group initially operated as DarkSide, responsible for the high-profile Colonial Pipeline attack in May 2021, which led to significant attention |
Lockbit Red | 4 | LockBit, a notorious ransomware, underwent a significant upgrade to LockBit 2.0 (also known as LockBit Red) in mid-2021. This malware version, designed to exploit and damage computer systems, was often propagated through suspicious downloads, emails, or websites. Once infiltrated, it could steal per |
Lockbit Green | 3 | LockBit, also known as Gold Mystic and Water Selkie, is a notorious ransomware group that has been active since its inception in September 2019. It has developed several variants of its malware over the years, including LockBit 1.0, LockBit 2.0, LockBit 3.0, and most recently, LockBit Green. The gro |
Lockbit V3 | 3 | LockBit v3, also known as LockBit Black, is a potent malware that was initially detected in June 2022. This malicious software is designed to exploit and damage computer systems by encrypting files rapidly, often without the user's knowledge. It infiltrates systems through suspicious downloads, emai |
LockBitSupp | 2 | LockBitSupp, also known as LockBit and putinkrab, is a notorious threat actor responsible for creating and operating one of the most prolific ransomware variants. The individual behind this persona, Dmitry Yuryevich Khoroshev, has been actively involved in ransomware attacks against organizations fo |
Alphv | 2 | AlphV, also known as BlackCat, is a notable threat actor in the cybersecurity landscape. This group has been involved in numerous high-profile attacks, including stealing 5TB of data from Morrison Community Hospital and compromising Clarion, a global manufacturer of audio and video equipment for car |
Dragonforce | 2 | DragonForce is a potent malware identified by cybersecurity researchers in November 2023, known for its ransomware attacks. The malicious software is named after the Malaysian hacktivist group DragonForce, which has been active since at least 2021 and has targeted various government agencies and org |
Buhti | 1 | Buhti is a malicious software, or malware, that was first highlighted by Palo Alto Networks Unit 42 in February 2023. It is a Golang ransomware targeting Linux systems. The Buhti ransomware operation was further detailed by Symantec’s Threat Hunter Team in May of the same year. Its payload included |
Buthtiransom | 1 | None |
Black Cat | 1 | Black Cat, also known as AlphV, is a prominent threat actor known for its malicious activities in the cybersecurity landscape. The group gained significant attention when it launched an attack on Change Healthcare, a subsidiary of Optum and UnitedHealth Group (UHG), in late February. This ransomware |

ID | Type | Votes | Profile Description |
---|---|---|---|
Conti | Unspecified | 3 | Conti is a type of malware, specifically ransomware, known for its ability to disrupt operations, steal personal information, and hold data hostage for ransom. The malicious software infiltrates systems via suspicious downloads, emails, or websites, often unbeknownst to the user. It has been used in |
Phorpiex | Unspecified | 2 | Phorpiex is a notorious malware that has been identified as a substantial threat in the cyber landscape. This malicious software, designed to exploit and damage systems, infiltrates unsuspecting users' devices through suspicious downloads, emails, or websites. Once inside, it can cause significant h |
Black Basta | Unspecified | 2 | Black Basta is a notorious malware entity known for its devastating ransomware attacks. First emerging in June 2022, the group has since been associated with a series of high-profile cyber-attacks worldwide. This malware, like others, infiltrates systems through suspicious downloads, emails, or webs |
Xworm | Unspecified | 1 | XWorm is a multi-functional malware that provides threat actors with remote access capabilities, has the potential to spread across networks, exfiltrate sensitive data, and download additional payloads. It was observed exploiting vulnerabilities in ScreenConnect, a client software used for remote syste |
AsyncRAT | Unspecified | 1 | AsyncRAT is a malicious software (malware) designed to exploit and damage computer systems. It infiltrates systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data hostage for ransom. Once the executable loads http_dll.dll, the DL |

ID | Type | Votes | Profile Description |
---|---|---|---|
DarkSide | Unspecified | 2 | DarkSide is a notable threat actor that emerged in the cybersecurity landscape with its advanced ransomware operations. In 2021, the group gained significant attention for its attack on the United States' largest oil pipeline, Colonial Pipeline, causing a temporary halt to all operations for three d |
Bl00dy | Unspecified | 2 | Bl00dy is a threat actor known for its malicious activities in the cyber world. The group, along with another threat actor called Black Basta, has recently been identified as exploiting bugs in ConnectWise ScreenConnect, a popular remote management tool. This exploitation has led to a significant i |
FIN7 | Unspecified | 2 | FIN7, a notorious threat actor group known for its malicious activities, has recently been identified as targeting a large U.S. carmaker with phishing attacks. This group, which has previously operated behind fake cybersecurity companies such as Combi Security and Bastion Secure to recruit security |
Kimsuky | Unspecified | 1 | Kimsuky is a North Korea-linked advanced persistent threat (APT) group that conducts global cyber-attacks to gather intelligence for the North Korean government. The group has been identified as a significant threat actor, executing actions with malicious intent, and has recently targeted victims vi |
Tornado Cash | Unspecified | 1 | Tornado Cash, a known threat actor in the cybersecurity landscape, has been under the spotlight for its illicit activities. The group is associated with various malicious intents and actions, ranging from a single person to a private company or even part of a government entity. In recent times, it h |
Black Matter | Unspecified | 1 | None |
Vice Society | Unspecified | 1 | Vice Society, a threat actor group known for its malicious activities, has been linked to a series of ransomware attacks targeting various sectors, most notably education and healthcare. Throughout 2022 and the first half of 2023, Vice Society, along with Royal Ransomware, was actively executing mu |
The Bl00dy Ransomware Gang | Unspecified | 1 | The Bl00dy ransomware gang, a threat actor that began operations in May 2022, is known for its malicious activities, which include exploiting vulnerabilities and using double extortion techniques against targeted organizations. This group has been observed to leverage the ScreenConnect Remote Code E |

Source | CreatedAt | Title |
---|---|---|
Securityaffairs | 5 days ago | Security Affairs Malware Newsletter - Round 3 |
Securityaffairs | 6 days ago | Security Affairs Malware Newsletter - Round 3 |
InfoSecurity-magazine | 10 days ago | Understanding NullBulge, the New AI-Fighting ‘Hacktivist’ Group |
Securityaffairs | 12 days ago | Security Affairs Malware Newsletter - Round 2 |
Securityaffairs | 20 days ago | Security Affairs Malware Newsletter - Round 1 |
BankInfoSecurity | 21 days ago | New Zealand Fitness Retailer Hit By DragonForce Ransomware |
Securityaffairs | a month ago | Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION |
Securityaffairs | a month ago | Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION |
Checkpoint | a month ago | 17th June – Threat Intelligence Report - Check Point Research |
Securityaffairs | a month ago | Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION |
Securityaffairs | 2 months ago | Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION |
Securityaffairs | 2 months ago | Security Affairs newsletter Round 472 by Pierluigi Paganini – INTERNATIONAL EDITION |
Securityaffairs | 2 months ago | Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware |
InfoSecurity-magazine | 3 months ago | DragonForce Ransomware Group Uses LockBit’s Leaked Builder |
CERT-EU | 5 months ago | LOCKBIT 3.0 Ransomware - Complete Malware Analysis Report \| #ransomware \| #cybercrime \| National Cyber Security Consulting |
CERT-EU | 5 months ago | New Vulnerabilities in ConnectWise ScreenConnect Massively Exploited by Attackers |
CERT-EU | 5 months ago | Black Basta, Bl00dy ransomware gangs join ScreenConnect attacks |
InfoSecurity-magazine | 5 months ago | Cyber Espionage France’s Top Threat Ahead of 2024 Paris Olympics |
Trend Micro | 5 months ago | Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities |
CERT-EU | 5 months ago | Hackers Exploit ConnectWise Bugs to Deploy LockBit Ransomware |