Milan

Malware Profile Updated 13 days ago
Milan is a type of malware that was part of an array of backdoors deployed by the cyber threat group OilRig in 2021. Other backdoors used by this group include Shark, DanBot, and Marlin. The Milan malware, like other backdoors used by OilRig, employs simple upload and download schemes for communication with the command-and-control (C&C) server. These schemes are characterized by the use of URIs with a "d" for download and a "u" for upload. Additionally, Milan shares similarities with the Solar backdoor and other OilRig backdoors such as ALMA, Shark, and DanBot in its use of upload and download subdirectories.

In 2022, Milan was heavily targeted by Distributed Denial of Service (DDoS) attacks, suffering over 5,000 incidents - the highest number in Italy. This high frequency of attacks caused significant disruption to systems and services in the region. For instance, a restaurant in Milan experienced an outage that lasted several hours due to these attacks. Technicians had to guide the staff through the process of restoring their system.

The surge in cyberattacks has led to increased attention on digital security measures. Milan Patel, BlueVoyant’s global head of managed detection and response (MDR), emphasized the importance of having physical locations for Security Operations Centers (SOCs). Norberto Milan, VP of sales for Latin America at security company Palo Alto, also highlighted that many organizations are likely to increase their cybersecurity budgets in response to such incidents to prevent future attacks and mitigate potential damage.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possibly overlapping names and profiles you may also want to look at.
ID | Votes | Profile Description
Shark | 2 | Shark is a type of malware, or malicious software, that was deployed by the cyber group OilRig. In 2021, OilRig updated its DanBot backdoor and began deploying the Shark, Milan, and Marlin backdoors, as highlighted in the T3 2021 issue of the ESET Threat Report. This harmful program can infiltrate s
DanBot | 2 | DanBot is a malicious software (malware) written in C# using .NET Framework 2.0 that provides basic remote access capabilities. It was identified as part of the arsenal used by the cyber threat group, OilRig, and has been linked to other backdoors such as Solar, Shark, Milan, and Marlin. The malware
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Backdoor
Bitcoin
Ransomware
Associated Malware
ID | Type | Votes | Profile Description
Conti | Unspecified | 2 | Conti is a malware program known for its disruptive capabilities, including stealing personal information and holding data hostage for ransom. It gained notoriety as part of the arsenal of ITG23, a cybercrime group that used it in conjunction with other malicious software like Trickbot, BazarLoader,
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the Milan Malware was read from the documents corpus below. This display is limited to 20 results.
Source | Created At | Title
MITRE | a year ago | Who are Latest Targets of Cyber Group Lyceum | Accenture
CERT-EU | a year ago | Ransomware attack on data firm ION could take days to fix -sources | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware - National Cyber Security
CERT-EU | a year ago | Feyenoord, violenti in arrivo: l'asse con gli ultrà del Napoli, olandesi invitati in Campania
CERT-EU | 2 months ago | McDonald's apologizes for global system outage that shut down some stores for hours
CERT-EU | 2 months ago | LatAm firms ramping up cybersecurity investments as they come into criminals' crosshairs | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
CERT-EU | a year ago | BlackBerry lance Guaranteed Margin – Global Security Mag Online
CSO Online | a year ago | Why reporting an incident only makes the cybersecurity community stronger
CERT-EU | a year ago | Meet 'Jack' from Romania! Mastermind Behind Golden Chickens Malware
CERT-EU | a year ago | Trust Wallet Clears the Air on Mysterious $4 Million User Hack | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker - National Cyber Security
Trend Micro | a year ago | Industry 4.0: CNC Machine Security Risks Part 2
CERT-EU | a year ago | Links 19/03/2023: Release of Libreboot 20230319 and NATO Expanding
CERT-EU | a year ago | BlueVoyant named Security MSSP of the Year at Microsoft Security Excellence Awards
CERT-EU | a year ago | Nomios Group expands in Southern Europe with the leading Italian Cybersecurity expert Aditinet | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware - National Cyber Security
CERT-EU | a year ago | Olidata, il ritorno a Piazza Affari è targato Rufini. Oggi sul listino dopo un blocco durato sette anni
CERT-EU | a year ago | Researchers Identify Second Developer of ‘Golden Chickens’ Malware
Recorded Future | a year ago | Black History Month: ERG Employee Stories, Impact, Community & Celebration
CERT-EU | a year ago | Palo Alto y TELMEX brindarán servicios de respuesta a incidentes cibernéticos en México y América Latina | Diario TI
CERT-EU | a year ago | BlueVoyant Recognized as a Microsoft Security Excellence Awards Winner for Security MSSP of the Year 2023
CERT-EU | a year ago | Hackerato il profilo Twitter del Consolato Usa di Milano: compare una bandiera ucraina con la svastica
CERT-EU | a year ago | Nomine, c’è l’accordo: ecco tutti i nomi. Cattaneo amministratore delegato di Enel, Scaroni alla presidenza. Ma c’è il caso Donnarumma a Terna