Alias Description | Votes |
---|---|
Fakeupdates is a possible alias for Socgholish. FakeUpdates, a malicious software (malware), has become increasingly prevalent in recent years. It infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user, and can disrupt operations, steal personal information, or hold data hostage for ransom. In 2022, a | 5 |
Evil Corp is a possible alias for Socgholish. Evil Corp, a threat actor based in Russia, has been identified as a significant cybersecurity threat due to its involvement in various malicious activities, including the deployment of Dridex malware. The group is led by Maksim Yakubets and has been sanctioned by the Treasury Department for its cybe | 4 |
Clearfake is a possible alias for Socgholish. ClearFake is a malicious software (malware) that has been identified as part of a significant cybersecurity threat. It was first widely identified in April, with its primary mode of infection being through fake browser updates. This malware compromises legitimate websites by embedding malicious HTML | 3 |
Ta569 is a possible alias for Socgholish. TA569 is a malware distributor that has been utilizing fake browser updates for over five years to deliver the SocGholish malware, according to cybersecurity firm Proofpoint. The threat actor has employed various methods to direct traffic from compromised websites to their controlled domains. In one | 3 |
EXOTIC LILY is a possible alias for Socgholish. Exotic Lily, an initial access broker (IAB), has been active since at least September 2021. The entity conducts highly sophisticated phishing campaigns to gain initial access to organizations and then sells this access to other threat actors, including ransomware groups. A notable example of their m | 2 |
Fakesg is a possible alias for Socgholish. FakeSG is a recently identified malware that uses sophisticated obfuscation and delivery techniques, making it a serious threat. The malware mimics the notorious SocGholish distribution campaign, hence its name - "FakeSG". It has different browser templates, altering its appearance based on the vict | 2 |

Associated Malware Description | Association Type | Votes |
---|---|---|
The Netsupport Rat Malware is associated with Socgholish. NetSupport RAT is a malicious software (malware) that poses a significant threat to organizational safety. The malware, which can be spread through suspicious downloads, emails, or websites, infiltrates systems without detection and has the potential to steal personal information, disrupt operations | Unspecified | 3 |
The Raspberry Robin Malware is associated with Socgholish. Raspberry Robin is a sophisticated piece of malware that uses a variety of tactics to infiltrate and exploit computer systems. It employs the CPUID instruction to conduct several checks, enabling it to assess the system's characteristics and vulnerabilities. Furthermore, Raspberry Robin has been obs | Unspecified | 3 |
The WastedLocker Malware is associated with Socgholish. WastedLocker is a sophisticated malware developed by the Evil Corp Group, a notorious cybercriminal organization. This malware is a form of ransomware that targets both Windows and Android devices, encrypting users' data and demanding a ransom for its release. Originating in 2020, WastedLocker utili | Unspecified | 3 |
The Netsupport Malware is associated with Socgholish. NetSupport is a legitimate remote access software that has been exploited as a malware tool by various threat actors. It's often used in combination with other malicious software like BlackBasta Ransomware, IcedID, and occasionally Lumma Stealer, the most common infostealer in the world today. The m | Unspecified | 2 |
The QakBot Malware is associated with Socgholish. Qakbot is a potent piece of malware, or malicious software, that infiltrates computer systems through suspicious downloads, emails, or websites. Once installed, it can steal personal information, disrupt operations, or even hold data hostage for ransom. This malware, built by various groups includin | Unspecified | 2 |
The AsyncRAT Malware is associated with Socgholish. AsyncRAT is a malicious software (malware) that infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can steal personal information, disrupt operations, or even hold your data hostage for ransom. It has recently risen to prominence, ra | Unspecified | 2 |

Associated Threat Actor Description | Association Type | Votes |
---|---|---|
The Vextrio Threat Actor is associated with Socgholish. VexTrio, a large cyber threat distributor, has been identified as a significant traffic broker for cybercriminals, according to Check Point Research's January 2024 Most Wanted Malware report. The entity operates one of the most extensive HTTP-based Traffic Direction System (TDS) networks, with an in | Unspecified | 2 |