Alias Description | Votes |
---|---|
Pikabot is a possible alias for Smokeloader. Pikabot is a malicious software (malware) that has been used extensively by various threat groups to exploit and damage computer systems. Initially, the BlackBasta group used phishing and vishing to deliver malware types such as DarkGate and Pikabot but quickly sought alternatives for further malici | 2 |
Gozi Isfb is a possible alias for Smokeloader. Gozi ISFB, also known as Ursnif and Dreambot, is a malicious software (malware) that has been actively developed and distributed worldwide. This malware is designed to exploit computer systems, primarily targeting the banking and financial sectors by stealing passwords and credentials from victims. | 2 |
IcedID is a possible alias for Smokeloader. IcedID is a malicious software (malware) that has been implicated in numerous cybercrime campaigns. It has been associated with other notable malware such as Qakbot, BazarLoader, CobaltStrike, Conti, Gozi, Trickbot, Quantum, Emotet, Pikabot, and SystemBC. Its distribution often involves the use of d | 2 |
Privateloader is a possible alias for Smokeloader. PrivateLoader is a notable malware that has been active since at least December 19, 2022. It acts as the first step in many malware schemes, often initiating an infection chain that leads to other malicious software. The malware can infiltrate systems through suspicious downloads, emails, or website | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Phobos Malware is associated with Smokeloader. Phobos is a form of malware, specifically ransomware, that has been active since May 2019. The operation utilizes a ransomware-as-a-service (RaaS) model and is responsible for numerous cyber attacks worldwide. Threat actors behind Phobos gained initial access to vulnerable networks through phishing | Unspecified | 5 |
The TrickBot Malware is associated with Smokeloader. TrickBot is a notorious malware developed by cybercriminals to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites. This malicious software can steal personal information, disrupt operations, or even hold data hostage for ransom. Vladimir Dunaev, | Unspecified | 3 |
The Redline Stealer Malware is associated with Smokeloader. The RedLine Stealer is a formidable malware that specializes in stealthily stealing credentials and sensitive information. First documented in 2020, it has since evolved to use the Windows Communication Foundation (WCF) framework and later a REST API for network communication. This malware infects s | Unspecified | 3 |
The Amadey Malware is associated with Smokeloader. Amadey is a malicious software (malware) that has been known since 2018 and is notorious for stealing credentials from popular browsers and various Virtual Network Computing (VNC) systems. The malware, which is often sold in underground forums, uses sophisticated techniques to infect systems, includ | Unspecified | 3 |
The Systembc Malware is associated with Smokeloader. SystemBC is a type of malware, or malicious software, known for its disruptive and exploitative nature. It infiltrates systems through dubious downloads, emails, or websites, often unbeknownst to the user. Once embedded, it can steal personal information, interrupt operations, or hold data hostage f | Unspecified | 3 |
The Zloader Malware is associated with Smokeloader. ZLoader is a form of malware, or malicious software, that is designed to exploit and damage computer systems. This harmful program can infiltrate a device through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it has the potential to steal personal inform | Unspecified | 2 |
The Bumblebee Malware is associated with Smokeloader. Bumblebee is a type of malware that has been linked to ITG23, a cyber threat group. Over the past year, it has been used in conjunction with other initial access malwares such as Emotet, IcedID, Qakbot, and Gozi during ITG23 attacks. The same values for self-signed certificates seen in Bumblebee hav | Unspecified | 2 |
The Venomrat Malware is associated with Smokeloader. VenomRAT is a sophisticated piece of malware that was discovered by security researchers, designed to exploit and damage computer systems. The malicious software infects systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal | Unspecified | 2 |
The Scrubcrypt Malware is associated with Smokeloader. ScrubCrypt is a sophisticated malware that has been used as a delivery mechanism for other malicious software, notably VenomRAT. The malware operates by exploiting systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside the system, ScrubCrypt can disrupt | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The 8base Threat Actor is associated with Smokeloader. 8base, a significant threat actor in the cybersecurity landscape, has been active between April 2022 and May 2023. This group, while not new, has recently increased its visibility with the activation of a public leak site used to pressure victims into paying ransoms. In the last month alone, 8base o | Unspecified | 3 |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
Securityaffairs | 13 days ago | ||
Securityaffairs | a month ago | ||
Securityaffairs | 4 months ago | ||
Securityaffairs | 5 months ago | ||
DARKReading | 5 months ago | ||
DARKReading | 6 months ago | ||
Securityaffairs | 6 months ago | ||
BankInfoSecurity | 6 months ago | ||
Securityaffairs | 6 months ago | ||
Securityaffairs | 6 months ago | ||
Flashpoint | 6 months ago | ||
ESET | 8 months ago | ||
CERT-EU | 9 months ago | ||
CERT-EU | 9 months ago | ||
BankInfoSecurity | a year ago | ||
CERT-EU | 9 months ago | ||
CERT-EU | 9 months ago | ||
CERT-EU | 9 months ago | ||
Securityaffairs | 9 months ago | ||
CERT-EU | 9 months ago |