Alias Description | Votes |
---|---|
Blacksuit is a possible alias for Royal Ransomware. BlackSuit is a malicious software (malware) that has been causing significant harm in the digital world. It infiltrates systems through dubious downloads, emails, or websites, and once inside, it can steal personal data, disrupt operations, or hold data hostage for ransom. BlackSuit malware, which i | 10 |
Blacksuit Ransomware is a possible alias for Royal Ransomware. The BlackSuit ransomware is a malicious software designed to exploit and damage computer systems, often holding data hostage for ransom. Introduced in May 2023, it is a continuation or new version of the Royal ransomware operation, with the rebranding officially noted by the FBI and CISA in an advis | 2 |
Hive is a possible alias for Royal Ransomware. Hive is a malicious software (malware) known for its ransomware capabilities, which has been highly active in numerous countries, including the US. This malware infects systems often through suspicious downloads, emails, or websites, disrupting operations and stealing personal information. Notably, | 2 |

Associated Malware Description | Association Type | Votes |
---|---|---|
The Conti Malware is associated with Royal Ransomware. Conti is a notorious type of malware, specifically ransomware, that infiltrates computer systems to steal data and disrupt operations. The malicious software often spreads through suspicious downloads, emails, or websites, and once inside, it can hold data hostage for ransom. The Conti ransomware op | is related to | 7 |
The Batloader Malware is associated with Royal Ransomware. Batloader is a malware downloader posing as installers or updates for legitimate applications such as Microsoft Teams, Zoom, and others. This malicious software can infiltrate systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can steal personal | is related to | 5 |
The Lockbit Malware is associated with Royal Ransomware. LockBit is a notorious malware that operates on a ransomware-as-a-service model, which has been responsible for significant cyber attacks across the globe. One of its most high-profile targets was Boeing, from whom the LockBit gang claimed to have stolen data. This incident not only disrupted operat | Unspecified | 5 |
The Blackbasta Malware is associated with Royal Ransomware. BlackBasta is a notorious malware, particularly known for its ransomware attacks. The group behind it has been linked with other harmful software such as IcedID, NetSupport, Gozi, PikaBot, Pushdo, Quantum, Royal, and Nokoyawa. Artifacts and indicators of compromise (IoCs) suggest a possible relation | Unspecified | 4 |
The QakBot Malware is associated with Royal Ransomware. Qakbot is a potent piece of malware, or malicious software, that infiltrates computer systems through suspicious downloads, emails, or websites. Once installed, it can steal personal information, disrupt operations, or even hold data hostage for ransom. This malware, built by various groups includin | Unspecified | 3 |
The Netsupport Manager Malware is associated with Royal Ransomware. NetSupport Manager is a malicious software (malware) that poses significant threats to computer systems and networks. It is often disguised as legitimate software or tools, such as the 7-zip compression utility or a fake Chrome browser update, to trick users into downloading and installing it. Once | Unspecified | 2 |
The IcedID Malware is associated with Royal Ransomware. IcedID is a type of malware, malicious software designed to exploit and damage computer systems. It has been identified in association with various other malware families such as Qakbot, BazarLoader, CobaltStrike, Conti, Gozi, Trickbot, Quantum, Emotet, and Pikabot. The IcedID IntBot Loader (int-bot.dll) is | Unspecified | 2 |
The Vidar Malware is associated with Royal Ransomware. Vidar is a malicious software (malware) that operates as an infostealer, primarily targeting Windows-based systems. It's written in C++ and is based on the Arkei stealer. Vidar is part of a broader landscape of malware threats such as Emotet, IcedID, CobaltStrike, SVCReady, CargoBay, Pushdo, Minodo, | Unspecified | 2 |
The Ghost Clown Malware is associated with Royal Ransomware. Ghost Clown is a malware entity that has been implicated in the deployment of malicious software, specifically ransomware strains like BlackBasta and Conti. This previously undetected ransomware group, along with another affiliate named Space Kook, was identified by anti-ransomware company Halcyon. | Unspecified | 2 |
The TrickBot Malware is associated with Royal Ransomware. TrickBot is a notorious malware that has been used extensively by cybercriminals to exploit and damage computer systems. It operates as a crimeware-as-a-service platform, infecting systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can stea | Unspecified | 2 |

Associated Threat Actor Description | Association Type | Votes |
---|---|---|
The Alphv Threat Actor is associated with Royal Ransomware. AlphV, also known as BlackCat, is a notorious threat actor that has been active since November 2021. This group pioneered the public leaks business model and has been associated with various ransomware families, including Akira, LockBit, Play, and Basta. AlphV gained significant attention for its la | Unspecified | 3 |
The Conti Team Threat Actor is associated with Royal Ransomware. The Conti team, a threat actor group known for its malicious activities in the cyber realm, has seen significant developments and transformations over recent years. In September 2022, a splinter group from Conti Team One resurfaced under the name Royal Ransomware, conducting callback phishing attack | is related to | 2 |
The Medusa Threat Actor is associated with Royal Ransomware. Medusa, a prominent threat actor in the cybersecurity landscape, has been increasingly active with its ransomware attacks. The group made headlines in November 2023 when it leveraged a zero-day exploit for the Citrix Bleed vulnerability (CVE-2023-4966), leading to numerous compromises alongside othe | Unspecified | 2 |
The Space Kook Threat Actor is associated with Royal Ransomware. Space Kook is a threat actor, or malicious entity, identified in the cybersecurity industry for its involvement in ransomware operations. Named after a villain from Scooby Doo, Space Kook was first linked to malicious activities by Halcyon's analysis, which showed connections to an initial access br | Unspecified | 2 |
The Zeon Threat Actor is associated with Royal Ransomware. Zeon, a known threat actor in the cybersecurity landscape, has been linked to several high-profile ransomware attacks. It was instrumental in crypting SVCReady and CargoBay loaders, observed in Quantum and Royal ransomware attacks respectively. Zeon has also employed third-party ransomware such as B | Unspecified | 2 |