Rover

Malware updated 21 days ago (2024-09-27T01:00:54.750Z)
Rover is a malicious software (malware) that has the potential to exploit and damage computer systems or devices. It can infiltrate systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, Rover can steal personal information, disrupt operations, or even hold data hostage for ransom. Recently, experts discovered flaws in this malware that affected vehicles of popular brands, including Kia, Honda, Infiniti, Nissan, Acura, Mercedes-Benz, Genesis, BMW, Rolls Royce, Ferrari, Ford, Porsche, Toyota, Jaguar, and Land Rover.

The term "rover" also refers to various types of vehicles, notably those used in space exploration. For instance, the Mars Rover program at the Jet Propulsion Lab was responsible for creating the algorithm behind NeuralEye's AI. In recent news, NASA released images showing the deteriorating state of China's Mars Rover. Additionally, a rover built by Carnegie Mellon University was included as part of the cargo on a recent space mission, alongside other items such as a physical Bitcoin and the cremated remains and DNA of notable individuals.

In automotive terms, the name "Rover" is commonly associated with the Range Rover brand. Notably, Prince Harry was seen leaving the Rolls Building in central London in a black Range Rover, garnering support from bystanders. However, the brand has also been linked to criminal activities, with a string of thefts involving Range Rover models occurring across multiple counties in southeast England over a 12-month period. Despite these issues, major carmakers, including Toyota, Jaguar Land Rover, and Nissan, have reportedly lobbied the UK Government to weaken or delay the ban on internal combustion engines (ICE).
Description last updated: 2024-09-27T00:15:38.609Z
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
Alias Description | Votes
Sidewinder is a possible alias for Rover. Sidewinder, a threat actor potentially originating from South Asia, has been orchestrating sophisticated cyber threats since at least 2012. The group has shown an evolving nature of attacks, leveraging old exploits and developing new phishing lures to compromise its targets. Sidewinder has been asso | 3
Confucius is a possible alias for Rover. Confucius is a threat actor primarily known for conducting cyberespionage campaigns against Pakistan since 2013. This group has been linked to various malicious activities, including the use of novel Android spyware Hornbill and SunBird to scrape call logs and WhatsApp messages of government authori | 3
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Backdoor
Police
Source Document References
Information about the Rover Malware was read from the documents corpus below. This display is limited to 20 results.
Source Link | Created At
Securityaffairs | 21 days ago
CERT-EU | 10 months ago
CERT-EU | 7 months ago
CERT-EU | 7 months ago
CERT-EU | 9 months ago
CERT-EU | 9 months ago
CERT-EU | 9 months ago
CERT-EU | 9 months ago
CERT-EU | 9 months ago
BankInfoSecurity | 10 months ago
CERT-EU | 10 months ago
CERT-EU | a year ago
CERT-EU | a year ago
CERT-EU | a year ago
CERT-EU | a year ago
CERT-EU | a year ago
CERT-EU | a year ago
CERT-EU | a year ago
CERT-EU | a year ago
CERT-EU | a year ago