| ID | Votes | Profile Description |
|---|---|---|
| Maze | 4 | Maze is a type of malware, specifically ransomware, that gained notoriety in 2019 for its double extortion tactic. This malicious software infects systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data hostage for ransom. Maze w |
| Ta2102 | 1 | None |
| Sangria Tempest | 1 | Sangria Tempest, also known as FIN7, Carbon Spider, and ELBRUS, is a threat actor that has been active since 2014. This Russian advanced persistent threat (APT) group is known for its malicious activities, including spear-phishing campaigns, malware distribution, and theft of payment card data. In m |
| FIN7 | 1 | FIN7, a notorious threat actor group known for its malicious activities, has recently been identified as targeting a large U.S. carmaker with phishing attacks. This group, which has previously operated behind fake cybersecurity companies such as Combi Security and Bastion Secure to recruit security |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Ryuk | Unspecified | 2 | Ryuk is a sophisticated malware, specifically a ransomware variant, that has been extensively used by cybercriminal group ITG23. The group has been employing crypting techniques for several years to obfuscate their malware, with Ryuk often seen in tandem with other malicious software such as Trickbo |
| Netwalker | Unspecified | 1 | NetWalker is a highly profitable ransomware kit, known for its ability to disable antivirus software on Windows 10 systems and encrypt files, adding a random extension to the encrypted ones. Once executed, it disrupts operations and can even hold data hostage for ransom. It has been observed that Ne |
| REvil | Unspecified | 1 | REvil is a notorious form of malware, specifically ransomware, that infiltrates systems to disrupt operations and steal data. The ransomware operates on a Ransomware as a Service (RaaS) model, which gained traction in 2020. In this model, REvil, like other first-stage malware such as Dridex and Goot |
| Egregor | Unspecified | 1 | Egregor is a variant of the Sekhmet ransomware and operates as Ransomware-as-a-Service (RaaS). It emerged in 2020, suspected to be from former Maze affiliates. Known for its double extortion tactics, Egregor publicly shames its victims by leaking sensitive data if the ransom isn't paid. In one notab |
| Ragnar Locker | Unspecified | 1 | Ragnar Locker is a type of malware, specifically a ransomware, that has been designed to infiltrate computer systems, often without the user's knowledge. It can enter systems through suspicious downloads, emails, or websites and once inside, it has the capability to steal personal information, disru |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| DarkSide | Unspecified | 2 | DarkSide is a notable threat actor that emerged in the cybersecurity landscape with its advanced ransomware operations. In 2021, the group gained significant attention for its attack on the United States' largest oil pipeline, Colonial Pipeline, causing a temporary halt to all operations for three d |
| Gold Ulrick | Unspecified | 1 | GOLD ULRICK, also known as ITG23, is a threat actor identified for its aggressive and unrestricted operations in the cybersecurity landscape. The group has shown no hesitation in targeting healthcare organizations with Conti ransomware, a malicious software designed to block access to a computer sys |
| Apocalypse | Unspecified | 1 | Apocalypse is a threat actor known for its malicious intent in the cybersecurity world. It's associated with a variety of ransomware, including a variant named Al-Namrood. The Apocalypse ransomware and its variants have been a significant concern due to their capacity to encrypt files, making them i |
| Blackmatter | Unspecified | 1 | BlackMatter is a recognized threat actor in the cybersecurity industry, notorious for its malicious activities and the execution of ransomware attacks. The group initially operated as DarkSide, responsible for the high-profile Colonial Pipeline attack in May 2021, which led to significant attention |
| Gold Waterfall | Unspecified | 1 | GOLD WATERFALL is a notable threat actor in the cybersecurity landscape, known for its operation of the Darkside ransomware. This group was previously affiliated with REvil before developing and deploying its own ransomware, Darkside. Within less than a year of operation, GOLD WATERFALL reportedly a |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
No associations to display |
| Source | CreatedAt | Title |
|---|---|---|
| Unit42 | 6 months ago | Ransomware Retrospective 2024: Unit 42 Leak Site Analysis |
| CERT-EU | 7 months ago | Potential data breach disclosed by Xerox subsidiary |
| CERT-EU | 7 months ago | Top 3 ransomware headlines trending on Google - Cybersecurity Insiders |
| CERT-EU | 7 months ago | After ransomware claims, Xerox says subsidiary hit with cyberattack | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting |
| CERT-EU | 7 months ago | Xerox says subsidiary XBS U.S. breached after ransomware gang leaks data |
| CERT-EU | 7 months ago | Microsoft disables MSIX protocol handler abused in malware attacks |
| CERT-EU | 8 months ago | New Phobos ransomware variant implicates VX-Underground |
| CERT-EU | 10 months ago | What is double extortion ransomware? | #ransomware | #cybercrime | National Cyber Security Consulting |
| MITRE | a year ago | Ransomware 2020: Attack Trends Affecting Organizations Worldwide |
| Secureworks | a year ago | Ransomware Evolution |
| Secureworks | a year ago | Phases of a Post-Intrusion Ransomware Attack |
| MITRE | a year ago | Maze attackers adopt Ragnar Locker virtual machine technique |
| CERT-EU | a year ago | Ransomware gang Alphv 'unlikely to be fussed' about law firm's injunction order | #ransomware | #cybercrime | National Cyber Security Consulting |
| CERT-EU | a year ago | 200+ Free Ransomware Decryption Tools You Need [2022 List] |
| CERT-EU | a year ago | Regis Aged Care upgrades endpoint security |
| MITRE | a year ago | Ransomware Maze | McAfee Blog |
| MITRE | a year ago | Pysa Ransomware - NHS Digital |