Orange Spain

Threat Actor Profile Updated 2 months ago
Orange Spain, a major Spanish network provider, was disrupted by a cyberattack on January 3, 2024. The threat actor known as 'Snow' compromised Orange Spain's RIPE account, leading to significant internet outages. This incident underscores the vulnerability of critical internet infrastructure and highlights the importance of robust cybersecurity measures. The outage was due to a misconfiguration of Border Gateway Protocol (BGP) routing and an invalid Resource Public Key Infrastructure (RPKI) configuration. Felipe Cañizares, CTO of DMNTR Network Solutions, speculated that Orange Spain might not have implemented two-factor authentication on the account, potentially making it easier for the threat actor to gain unauthorized access. In response to the incident, Orange Spain acted swiftly to restore services and confirmed the unauthorized access to its RIPE account. This rapid response demonstrates their commitment to ensuring the integrity of their systems and services. Nevertheless, the event serves as a stark reminder of the potential risks associated with inadequate cybersecurity measures.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID | Votes | Profile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Infostealer ...
Vulnerability
Malware
Associated Malware
ID | Type | Votes | Profile Description
Raccoon | Unspecified | 2 | Raccoon is a type of malware utilized by the Scattered Spider threat actors to obtain sensitive information such as login credentials, browser cookies, and browser histories. The Raccoon Stealer is particularly notorious for its ability to detect countermeasures and delete records associated with th
Raccoon Stealer | Unspecified | 1 | Raccoon Stealer is a form of malware that was first identified in 2019. Developed by Russian-speaking coders and initially promoted on Russian-language hacking forums, the malicious software was designed to steal sensitive data from victims, including credit card information, email credentials, and
Associated Threat Actors
ID | Type | Votes | Profile Description
Ms_snow_owo | Unspecified | 1 | None
Associated Vulnerabilities
ID | Type | Votes | Profile Description
No associations to display
Source Document References
Information about the Orange Spain Threat Actor was read from the documents corpus below.
Source | Created At | Title
CERT-EU | 6 months ago | Orange Spain Outage: BGP Traffic Hijacked by Threat Actor
CERT-EU | 6 months ago | Orange Spain Outage: BGP Traffic Hijacked by Threat Actor
CERT-EU | 6 months ago | Windows systems targeted by updated Bandook RAT
Checkpoint | 6 months ago | 8th January – Threat Intelligence Report - Check Point Research
CERT-EU | 6 months ago | Orange Spain Faces BGP Traffic Hijack After RIPE Account Hacked by Malware
DARKReading | 6 months ago | Administrator Account For Middle East Internet Registry Hacked
CERT-EU | 6 months ago | Infosec experts divided over 23andMe’s breach blame game
CERT-EU | 6 months ago | Hacker hijacked Orange Spain RIPE account causing internet outage to company customers - Security Affairs
CERT-EU | 6 months ago | Major Spanish network provider disrupted by cyberattack
CERT-EU | 4 months ago | Ransomware crews lean into infostealers for initial access
DARKReading | 5 months ago | Looted RIPE Credentials for Sale on the Dark Web