Alias Description | Votes |
---|---|
Peapod is a possible alias for RomCom. Peapod is a sophisticated form of malware that has evolved from the RomCom 3.0 backdoor. The cybercriminal group Void Rabisu appears to have transitioned from using RomCom 3.0 to Peapod, which exhibits several architectural differences compared to its predecessor. This new strain, also referred to a | 6 |
RomCom Backdoor is a possible alias for RomCom. The RomCom backdoor, malicious software, is primarily used by the threat actor Void Rabisu, also known as Tropical Scorpius or Storm-0978. This malware has been associated with Cuba ransomware and has been notably deployed in cyberespionage activities, shifting away from opportunistic ransomware a | 5 |
SnipBot is a possible alias for RomCom. SnipBot is a malicious software program that was first identified in Ukraine and submitted to VirusTotal in December 2023. It uses a custom obfuscation technique and advanced anti-analysis tricks to infiltrate systems undetected. The malware's execution flow begins with an initial EXE downloader, wh | 3 |
Romcom Remote Access Trojan is a possible alias for RomCom. The RomCom Remote Access Trojan (RAT) is a harmful malware that has been evolving and causing significant threats to cybersecurity. Based on the RomCom 3.0 version, it incorporates techniques seen in RomCom 4.0, resulting in the creation of RomCom 5.0. This malware can infiltrate systems via suspici | 3 |
Tropical Scorpius is a possible alias for RomCom. Tropical Scorpius is a notorious malware, first identified in late 2020, associated with the Cuba ransomware gang. This malicious software has been linked to multiple cybercriminal activities, including disrupting operations, stealing personal information, and holding data hostage for ransom. The ma | 2 |
UNC2596 is a possible alias for RomCom. UNC2596, also known as Void Rabisu, Tropical Scorpius, and Storm-0978, is a hybrid threat actor involved in both financially motivated and espionage attacks. This group has been refining its tactics and techniques, utilizing backdoor attacks that have targeted various high-profile events, including | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Cuba Ransomware Malware is associated with RomCom. The Cuba ransomware is a malicious software that first appeared on cybersecurity radars in late 2020 under the name "Tropical Scorpius." It is designed to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites without the user's knowledge. Once insi | Unspecified | 3 |
Alias Description | Association Type | Votes |
---|---|---|
The Void Rabisu Threat Actor is associated with RomCom. Void Rabisu, also known as Storm-0978, UNC2596, and Tropical Scorpius, is a malicious software (malware) notable for its use of the ROMCOM backdoor. This malware has been involved in numerous attacks, including those targeting attendees of the Women Political Leaders Summit (WPL Summit) in 2023. In | has used | 3 |
The Storm-0978 Threat Actor is associated with RomCom. Storm-0978, also known as RomCom or DEV-0978, is a threat actor group alleged to have connections with Russia. Microsoft, in a blog post published on July 11, 2023, accused this group of exploiting the vulnerability CVE-2023-36884 to install backdoors on target systems. The cybersecurity industry ha | is related to | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The CVE-2023-36884 Vulnerability is associated with RomCom. CVE-2023-36884 is a significant software vulnerability that affects Microsoft Windows, Server, Office, and Outlook. This flaw in the design or implementation of these software platforms allows for remote code execution (RCE), which has been exploited by cybercriminals and potentially state-sponsored | Unspecified | 3 |
Source | Created At |
---|---|
Contagio | 22 days ago |
DARKReading | 24 days ago |
Unit42 | 24 days ago |
Flashpoint | 5 months ago |
CERT-EU | 7 months ago |
CERT-EU | 9 months ago |
CERT-EU | a year ago |
CERT-EU | a year ago |
Unit42 | a year ago |
BankInfoSecurity | a year ago |
CERT-EU | a year ago |
CERT-EU | a year ago |
CERT-EU | a year ago |
DARKReading | a year ago |
InfoSecurity-magazine | a year ago |
CERT-EU | a year ago |
CERT-EU | a year ago |
CERT-EU | a year ago |
Trend Micro | a year ago |
CERT-EU | a year ago |