National Hazard Agency

Malware updated 7 months ago (2024-05-04T20:19:22.965Z)

Download STIX

Preview STIX

The National Hazard Agency is a newly identified malware group reportedly led by a man in his 20s from Ukraine. This malicious software, or malware, is designed to infiltrate and damage computer systems, often without the user's knowledge. The group uses suspicious downloads, emails, or websites to gain access to systems, where they can then steal personal information, disrupt operations, or hold data hostage for ransom. In a recent attack, the group deviated from the typical modus operandi of similar cybercriminal organizations, such as Lockbit. They delivered a ransom note titled "National Hazard Agency," demanding $3 million in either Bitcoin or Monero. The note threatened repeated attacks if the ransom was not paid and included email and instant messaging contact details. The message was fairly standard for this type of cybercrime, stating that the victim's data had been encrypted. Further evidence of their activities came to light when an affiliate of the criminal gang, also identifying itself as the National Hazard Agency, shared screenshots on Twitter of directory listings purportedly showing stolen files. This suggests that the group is not only capable of executing sophisticated cyberattacks but is also willing to publicly share proof of their exploits, adding another layer of threat to their actions.

Description last updated: 2024-05-04T19:39:08.163Z

What's your take? (Question 1 of 2)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Ransom

Ransomware

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

Alias Description	Association Type	Votes
The Lockbit Malware is associated with National Hazard Agency. LockBit is a malicious software, or malware, known for its damaging and exploitative functions. It infiltrates systems via dubious downloads, emails, or websites, often without the user's knowledge, and can steal personal information, disrupt operations, or hold data hostage for ransom. The LockBit	Unspecified	3

Source Document References

Information about the National Hazard Agency Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
Securelist	a year ago	Kaspersky malware report for Q3 2023
Securityaffairs	a year ago	Leaked LockBit 3.0 ransomware builder used by multiple actors
CERT-EU	a year ago	LockBit Builder Leak Leads to Flood of Ransomware Variants
CERT-EU	a year ago	TSMC faces $70m LockBit ransom demand following hardware supplier breach - TechCentral.ie
CERT-EU	9 months ago	US indicts two Russian nationals in LockBit ransomware case \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware \| National Cyber Security Consulting
Trend Micro	9 months ago	LockBit Attempts to Stay Afloat with a New Version
Securelist	a year ago	Lockbit leak, research opportunities on tools leaked from TAs
CERT-EU	a year ago	TSMC says IT supplier extorted by LockBit
CERT-EU	a year ago	Cybercriminals Harness Leaked LockBit Builder in Wave of New Attacks
CERT-EU	a year ago	Lockbit 3.0 Builder Leaked: Anyone Can Blend Ransomware
CERT-EU	a year ago	Hacker leaks Cortina Watch’s data online, including customer details and sales tactics \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker \| National Cyber Security Consulting