Octopus

Malware Profile Updated a month ago
Octopus is a malware family: a harmful program designed to exploit and damage computer systems. It can infiltrate systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or even hold data hostage for ransom. The name "Octopus" also appears in the source corpus in contexts unrelated to the malware. In 2020, the legal team at UK energy retailer Octopus Energy developed Kraken, a customer billing platform that was subsequently licensed to rival energy providers such as Eon in the UK and in overseas markets. The same year, the company's legal team advised on the acquisition and integration of 1.5 million customers from Bulb, a rival provider that went into special administration in 2021; this move contributed significantly to Octopus Energy's growth. Separately, Secret Double Octopus (SDO), a vendor of workforce passwordless MFA, collaborated with ForgeRock Enterprise Connect Passwordless to integrate SDO's Octopus platform for passwordless MFA. The integration aimed to deliver a greater return on investment than traditional MFA methods that rely on passwords; the Octopus platform decouples user authentication from backend identity management, enabling broad coverage of workforce use cases.
Possible Aliases / Cluster overlaps
Tracking cluster overlaps and naming conventions across vendors is difficult, so the following are possible overlapping names and profiles worth reviewing.
ID | Votes | Profile Description
Remcos | 1 | Remcos is a software tool that can be used benignly or maliciously as part of a cyber attack. It has been frequently observed in recent campaigns, often being the most common payload, according to X-Force. Other Remote Access Trojans (RATs) such as njRAT and AsyncRAT have also been utilized, but Rem
Miscellaneous Associations
Other elements of context that could aid in assessing relevance:
Windows, Malware, Telegram, APT, Trojan, Phishing, Espionage, Exploit, Infiltration, UK, Australia, Russian, Remcos, Asia, Kaspersky, GitHub, macOS, RAT, Police, Exploitation, Backdoor
Associated Malware
ID | Type | Votes | Profile Description
Redline | Unspecified | 1 | RedLine is a notorious malware that has been prominently used to steal sensitive information, including login credentials and financial data. It was first uncovered in March 2020 and has since been utilized to export personal details such as credentials, cryptocurrency wallets, and financial data to
Tsunami | Unspecified | 1 | The "Tsunami" malware, a malicious software designed to exploit and damage computer systems, has caused significant cybersecurity disruptions globally. This malware, whose variants include xmrigDeamon, Bioset, dns3, xmrigMiner, docker-update, dns, 64[watchdogd], 64bioset, 64tshd, armbioset, armdns,
Cherry | Unspecified | 1 | Cherry is a malicious software, or malware, that has significantly impacted the operations of Cherry Health, a Michigan-based healthcare provider. The malware was introduced into the system through a ransomware attack in December 2023, affecting more than 184,000 individuals. This breach underscores
Zebrocy | Unspecified | 1 | Zebrocy is a well-documented Trojan malware that infiltrates systems to gather specific system information. Once installed, it sends the collected data to its Command and Control (C2) server via an HTTP POST request. The Zebrocy variant also captures a screenshot of the victim's host and transmits i
Associated Threat Actors
ID | Type | Votes | Profile Description
Nomadic Octopus | Unspecified | 3 | Nomadic Octopus, a suspected Russian Advanced Persistent Threat (APT) group, has been engaged in a cyber-espionage campaign known as Paperbug since 2020. The group infiltrated a Tajikistani carrier to spy on government officials and public service infrastructures, compromising government networks, i
DustSquad | Unspecified | 3 | DustSquad, also known as Nomadic Octopus, is a notable threat actor that has been implicated in several cyber-espionage campaigns. Throughout 2018, DustSquad, along with other actors like IndigoZebra and Sofacy, targeted political entities in Central Asia using the Octopus malware. This was revealed
Paperbug | Unspecified | 2 | Paperbug is a cyber-espionage campaign executed by a suspected Russian threat actor known as Nomadic Octopus, also referred to as DustSquad. The Swiss cybersecurity company Prodaft has released a report detailing the actions of this group, outlining their tactics, techniques, and procedures (TTPs).
APT28 | Unspecified | 2 | APT28, also known as Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM, is a threat actor group that has been active since 2007. This Russia-linked entity targets governments, militaries, and security organizations worldwide with malicious intent. In recent years, the group has
Sofacy | Unspecified | 2 | Sofacy is a threat actor group that has been observed using multiple languages to create variants of the Zebrocy Trojan and Cannon. In one campaign, they relied heavily on filenames to lure victims into launching weaponized documents. The group packed only Delphi variants in an attempt to increase e
Frozenlake | Unspecified | 1 | Frozenlake, also known as APT28, Fancy Bear, Forest Blizzard, and several other names, is a threat actor believed to be sponsored by the Russian military. The group has been involved in numerous cyber-attacks, primarily targeting Ukraine's energy sector. Their modus operandi includes exploiting vuln
Associated Vulnerabilities
No associations to display
Source Document References
Information about the Octopus malware was read from the document corpus below. This display is limited to 20 results.
Source | Created At | Title
MITRE | a year ago | Octopus-infested seas of Central Asia
Securityaffairs | a year ago | Russian APT Nomadic Octopus hacked Tajikistani carrier
CERT-EU | a year ago | Paperbug Attack: New Politically-Motivated Surveillance Campaign in Tajikistan
MITRE | a year ago | Russia-Linked Hackers Target Diplomatic Entities in Central Asia
CERT-EU | a year ago | Russian APT Hacked Tajikistani Carrier to Spy on Government, Public Services
CERT-EU | a year ago | New group Nomadic Octopus spies on Tajikistan's ministers
CERT-EU | a year ago | "Tactical Octopus" has extended its tentacles into the US tax service
CERT-EU | 8 months ago | Marvel vs. Capcom 3 Hackers Find Classic Spider-Man Villain In Game | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting
CSO Online | a year ago | ForgeRock, Secret Double Octopus offer passwordless authentication for enterprises
CERT-EU | 9 months ago | Is Your Workforce Ready for Passwordless MFA?
CERT-EU | 9 months ago | Standout examples of in-house lawyers' work
MITRE | a year ago | Picking Apart Remcos Botnet-In-A-Box
CERT-EU | a year ago | SBOM Executive Order: Ready for the June 11th deadline?
CERT-EU | 9 months ago | Meet the top FT 20 in-house legal leaders
CERT-EU | a year ago | What does the semiconductor industry need from the Government?
CERT-EU | a year ago | How observability prevents developers from flying blind - SD Times
CERT-EU | a year ago | Expanding the scope of Cyber Incident Response (CIR) - GIXtools
CERT-EU | a year ago | MOVEit hack: media watchdog Ofcom data downloaded in cyber attack - GIXtools
CERT-EU | 8 months ago | Search | arXiv e-print repository
CERT-EU | 7 months ago | Search | arXiv e-print repository