Manatee Tempest

Threat Actor updated a month ago (2024-10-17T12:04:55.382Z)

Download STIX

Preview STIX

Manatee Tempest is a malicious threat actor known for its association with cyber attacks and ransomware operations. This group, identified by Microsoft security researchers, has been linked to numerous attacks involving the use of new post-compromise techniques. Alongside other threat actors such as Storm-0506, Storm-1175, and Octo Tempest, Manatee Tempest represents a significant cybersecurity concern due to their innovative and damaging approach to cyber warfare. It's important to note that Manatee Tempest is part of Evil Corp, an organization notorious for changing its tactics in response to US sanctions. The threat actors have demonstrated their capabilities by deploying ransomware variants like Black Basta and Akira. These groups have tested out these techniques, showing their ability to adapt and evolve their methods. The specific post-compromise technique used by these groups was not detailed but it signifies a shift in the modus operandi of such threat actors, which could potentially lead to more sophisticated and hard-to-detect attacks in the future. In conclusion, Manatee Tempest, along with the associated threat actors, poses a significant threat to cybersecurity. Their utilization of new post-compromise techniques and deployment of potent ransomware indicates a high level of sophistication and adaptability. It is crucial for organizations to stay vigilant, keep their security measures updated, and continuously monitor for any signs of these threat actors to mitigate potential damage.

Description last updated: 2024-10-17T11:40:56.962Z

What's your take? (Question 1 of 1)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Ransomware

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Threat Actors

To see the evidence that has resulted in these threatActor associations, create a free account

Alias Description	Association Type	Votes
The Octo Tempest Threat Actor is associated with Manatee Tempest. Octo Tempest, also known as Scattered Spider or 0ktapus, is a notable threat actor group in the cybercrime landscape. The group, comprised of five individuals in their early 20s, has been linked to major data extortion campaigns against high-profile targets such as Caesars Entertainment and MGM, oft	Unspecified	2

Source Document References

Information about the Manatee Tempest Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
Securityaffairs	4 months ago	Octo Tempest group adds RansomHub and Qilin ransomware to its arsenal
Securityaffairs	4 months ago	Ransomware gangs exploit VMware ESXi bug CVE-2024-37085
Securityaffairs	2 months ago	RansomHub ransomware gang relies on TDSKiller to disable EDR
Securityaffairs	3 months ago	A group linked to RansomHub operation employs EDR-killing tool EDRKillShifter
Securityaffairs	4 months ago	CISA adds VMware ESXi bug to its Known Exploited Vulnerabilities catalog
DARKReading	4 months ago	Ransomware Gangs Exploit ESXi Bug for Instant, Mass Encryption of VMs
Securityaffairs	4 months ago	+20,000 internet-exposed VMware ESXi instances vulnerable to CVE-2024-37085