| ID | Votes | Profile Description |
|---|---|---|
| EKANS | 1 | EKANS, also known as SNAKE (the word EKANS spelled backwards), is a significant strain of malware that emerged in mid-December 2019. It was one of the more concerning ransomware strains observed in 2020, accounting for 6% of all ransomware attacks monitored by IBM Security X-Force in that year. The |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| LockerGoga | Unspecified | 7 | LockerGoga is a type of malware, specifically ransomware, known for its disruptive capabilities. It was notably deployed at Norsk Hydro in March 2019, causing significant operational disruption. LockerGoga differentiates itself from other types of ransomware such as EKANS due to its destructive natu |
| Hive | Unspecified | 4 | Hive is a malicious software, or malware, that infiltrates systems to exploit and damage them. This malware has been associated with Volt Typhoon, who exfiltrated NTDS.dit and SYSTEM registry hive to crack passwords offline. The Hive operation was primarily involved in port scanning, credential thef |
| REvil | Unspecified | 4 | REvil is a notorious form of malware, specifically ransomware, that infiltrates systems to disrupt operations and steal data. The ransomware operates on a Ransomware as a Service (RaaS) model, which gained traction in 2020. In this model, REvil, like other first-stage malware such as Dridex and Goot |
| QakBot | Unspecified | 3 | Qakbot is a potent malware, a malicious software designed to exploit and damage computer systems. It can infiltrate systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it has the potential to steal personal information, disrupt operations, or e |
| Black Basta | Unspecified | 3 | Black Basta is a notorious malware entity known for its devastating ransomware attacks. First emerging in June 2022, the group has since been associated with a series of high-profile cyber-attacks worldwide. This malware, like others, infiltrates systems through suspicious downloads, emails, or webs |
| Egregor | Unspecified | 2 | Egregor is a variant of the Sekhmet ransomware and operates as Ransomware-as-a-Service (RaaS). It emerged in 2020, suspected to be from former Maze affiliates. Known for its double extortion tactics, Egregor publicly shames its victims by leaking sensitive data if the ransom isn't paid. In one notab |
| Qbot | Unspecified | 2 | Qbot, also known as Qakbot or Pinkslipbot, is a modular information-stealing malware that emerged in 2007 as a banking trojan. Over the years, it has evolved into an advanced malware strain used by multiple cybercriminal groups to compromise networks and prepare them for ransomware attacks. The firs |
| Pinkslipbot | Unspecified | 1 | Pinkslipbot, also known as Qakbot, QBot or QuackBot, is a modular information-stealing malware that has been active since 2008. Initially emerging in 2007 as a banking trojan, it targeted financial institutions to steal sensitive data. Over the years, however, its functionality evolved and diversifi |
| ProLock | Unspecified | 1 | ProLock is a type of malware, specifically ransomware, that is designed to infiltrate computer systems, often unbeknownst to the user. It typically enters systems through suspicious downloads, emails, or websites. Once inside, ProLock can steal personal information, disrupt operations, and hold data |
| Ryuk | Unspecified | 1 | Ryuk is a sophisticated malware, specifically a ransomware variant, that has been extensively used by cybercriminal group ITG23. The group has been employing crypting techniques for several years to obfuscate their malware, with Ryuk often seen in tandem with other malicious software such as Trickbo |
| Lockbit | Unspecified | 1 | LockBit is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. It can enter your system through various channels such as suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt |
| Doppelpaymer | Unspecified | 1 | DoppelPaymer is a form of malware, specifically ransomware, known for its high-profile attacks on large organizations and municipalities. Originally based on the BitPaymer ransomware, DoppelPaymer was reworked and renamed by the threat group GOLD HERON, after initially being operated by GOLD DRAKE. |
| Conti | Unspecified | 1 | Conti is a type of malware, specifically ransomware, known for its ability to disrupt operations, steal personal information, and hold data hostage for ransom. The malicious software infiltrates systems via suspicious downloads, emails, or websites, often unbeknownst to the user. It has been used in |
| Blackbasta | Unspecified | 1 | BlackBasta is a malicious software (malware) known for its disruptive and damaging effects on computer systems. It infiltrates systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or even ho |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| ITG08 | Unspecified | 1 | ITG08 is a notable threat actor in the cybersecurity landscape, known for its malicious activities and strategic partnerships with other threat actors. This group has been linked to a series of attacks through Tactics, Techniques, and Procedures (TTPs) consistent with their known modus operandi. Whi |
| Bianlian | Unspecified | 1 | BianLian is a threat actor that has been increasingly active in cybercrimes. The group is known for its malicious activities, including the execution of actions with harmful intent. In a series of recent events, BianLian has exploited vulnerabilities in JetBrains TeamCity, a continuous integration a |
| Alphv | Unspecified | 1 | AlphV, also known as BlackCat, is a notable threat actor in the cybersecurity landscape. This group has been involved in numerous high-profile attacks, including stealing 5TB of data from Morrison Community Hospital and compromising Clarion, a global manufacturer of audio and video equipment for car |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Lockergoga Md5 | Unspecified | 1 | None |
| Source | CreatedAt | Title |
|---|---|---|
| CERT-EU | 7 months ago | Decryptor Issued For Babuk Tortilla Ransomware Variant | #ransomware | #cybercrime | National Cyber Security Consulting |
| CERT-EU | 7 months ago | The law enforcement operations targeting cybercrime in 2023 |
| CERT-EU | 8 months ago | More than $100 million in ransom paid to Black Basta gang over nearly 2 years | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting |
| DARKReading | 8 months ago | Ringleader of Prolific Ransomware Gang Arrested in Ukraine |
| Securityaffairs | 8 months ago | International police operation dismantled prominent Ukraine-based Ransomware group |
| CERT-EU | 8 months ago | Ringleader of Ransomware Group in Ukraine Arrested: Europol |
| CERT-EU | 8 months ago | Europol shutters ransomware operation with kingpin arrests |
| BankInfoSecurity | 8 months ago | Police Bust Suspected Ransomware Group Ringleader in Ukraine |
| InfoSecurity-magazine | 8 months ago | Ukraine Police Dismantle Major Ransomware Group |
| CERT-EU | 10 months ago | Qakbot Takedown Resembles Hack Back, Will Botnet, Malware Be Resurrected? |
| CERT-EU | a year ago | Operation Duck Hunt: Multinational Operation Dismantles Qakbot Botnet - IT Governance USA Blog |
| CERT-EU | a year ago | Free Decryptor Available for ‘Key Group’ Ransomware |
| CERT-EU | a year ago | Qakbot Botnet Disrupted, Infected 700,000 Computers Globally |
| CERT-EU | a year ago | Qakbot Cracked: FBI and Friends Hack the Hackers |
| InfoSecurity-magazine | a year ago | FBI-Led Operation Duck Hunt Shuts Down QakBot Malware |
| CERT-EU | a year ago | FBI and European partners dismantle global malware network |
| CERT-EU | a year ago | International police operation dismantles notorious Quakbot botnet |
| Flashpoint | a year ago | COURT DOC: Qakbot Malware Disrupted in International Cyber Takedown |
| CERT-EU | a year ago | Multinational Operation Disrupts QakBot Botnet |
| CERT-EU | a year ago | How the FBI nuked Qakbot malware from infected Windows PCs |