Alias Description | Votes |
---|---|
FakeUpdates is a possible alias for SocGholish. FakeUpdates, a malicious software (malware), has become increasingly prevalent in recent years. It infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user, and can disrupt operations, steal personal information, or hold data hostage for ransom. In 2022, a | 5 |
Evil Corp is a possible alias for SocGholish. Evil Corp, a threat actor based in Russia, has been identified as a significant cybersecurity threat due to its involvement in various malicious activities, including the deployment of Dridex malware. The group is led by Maksim Yakubets and has been sanctioned by the Treasury Department for its cybe | 4 |
ClearFake is a possible alias for SocGholish. ClearFake is a malicious software, or malware, that has been identified as a significant threat to cybersecurity. Its primary method of propagation is through fake browser updates, encouraging users to copy and execute harmful PowerShell commands. This deceptive approach enables cybercriminals to in | 3 |
TA569 is a possible alias for SocGholish. TA569 is a malware distributor that has been utilizing fake browser updates for over five years to deliver the SocGholish malware, according to cybersecurity firm Proofpoint. The threat actor has employed various methods to direct traffic from compromised websites to their controlled domains. In one | 3 |
EXOTIC LILY is a possible alias for SocGholish. Exotic Lily, an initial access broker (IAB), has been active since at least September 2021. The entity conducts highly sophisticated phishing campaigns to gain initial access to organizations and then sells this access to other threat actors, including ransomware groups. A notable example of their m | 2 |
FakeSG is a possible alias for SocGholish. FakeSG is a recently identified malware that uses sophisticated obfuscation and delivery techniques, making it a serious threat. The malware mimics the notorious SocGholish distribution campaign, hence its name - "FakeSG". It has different browser templates, altering its appearance based on the vict | 2 |

Associated Malware Description | Association Type | Votes |
---|---|---|
The WastedLocker Malware is associated with SocGholish. WastedLocker is a sophisticated malware developed by the Evil Corp Group, a notorious cybercriminal organization. This malware is a form of ransomware that targets both Windows and Android devices, encrypting users' data and demanding a ransom for its release. Originating in 2020, WastedLocker utili | Unspecified | 3 |
The Raspberry Robin Malware is associated with SocGholish. Raspberry Robin is a sophisticated malware that uses advanced techniques to infiltrate and exploit computer systems. The malicious software is designed to stealthily enter a system through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can wreak havoc by st | Unspecified | 3 |
The NetSupport RAT Malware is associated with SocGholish. NetSupport RAT is a malicious software (malware) that poses a significant threat to organizational safety. The malware, which can be spread through suspicious downloads, emails, or websites, infiltrates systems without detection and has the potential to steal personal information, disrupt operations | Unspecified | 3 |
The AsyncRAT Malware is associated with SocGholish. AsyncRAT is a malicious software (malware) that infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can steal personal information, disrupt operations, or even hold your data hostage for ransom. It has recently risen to prominence, ra | Unspecified | 2 |
The QakBot Malware is associated with SocGholish. Qakbot is a type of malware, or malicious software, that infiltrates computer systems to exploit and damage them. This harmful program can infect devices through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt ope | Unspecified | 2 |
The NetSupport Malware is associated with SocGholish. NetSupport is a legitimate remote access software that has been repurposed as malware by various cybercriminal groups. It has been observed in several high-profile cyber-attacks, including the Royal ransomware attack and operations conducted by former ITG23 members. The malware can infiltrate system | Unspecified | 2 |

Associated Threat Actor Description | Association Type | Votes |
---|---|---|
The Vextrio Threat Actor is associated with SocGholish. Vextrio, a significant threat actor in the cybercrime landscape, has been uncovered as a major traffic broker for cybercriminals by Check Point Research's January 2024 Most Wanted Malware report. The group operates Vextrio Viper, a Traffic Distribution System (TDS) network established in 2020, which | Unspecified | 2 |

Source | CreatedAt |
---|---|
Malwarebytes | 5 days ago |
DARKReading | 4 months ago |
Securityaffairs | 4 months ago |
Securityaffairs | 5 months ago |
DARKReading | a year ago |
Securityaffairs | 5 months ago |
BankInfoSecurity | 8 months ago |
CERT-EU | 9 months ago |
Checkpoint | 10 months ago |
CERT-EU | 10 months ago |
Malware-traffic-analysis.net | 10 months ago |
CERT-EU | 10 months ago |
BankInfoSecurity | a year ago |
DARKReading | a year ago |
CERT-EU | a year ago |
CERT-EU | a year ago |
CERT-EU | a year ago |
CERT-EU | a year ago |
CERT-EU | a year ago |
CERT-EU | a year ago |