Solntsepyok

Malware Profile Updated 2 months ago
Solntsepyok is malware (short for malicious software) that has been identified as a significant threat to computer systems and data. This harmful program is designed to exploit and damage a computer or device, infiltrating the system through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or even hold data hostage for ransom.

The SBU (Security Service of Ukraine) attributed a recent major cyberattack to Solntsepyok, a group believed to be affiliated with Sandworm, another notorious hacking group. The attack notably targeted Ukraine's largest mobile operator, Kyivstar, causing what was described as "the biggest cyberattack on telco infrastructure in the world". It resulted in widespread internet and network outages and interfered with air raid alerts. Shortly after the incident, Solntsepyok claimed responsibility for the breach, along with another hacker group called Killmilk. Assessments have linked Solntsepyok to the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU), which also operates Sandworm, and Solntsepyok is suspected to be a front for Sandworm. The GRU, Russia's military intelligence agency, has persistently targeted Ukraine, including its energy sector, with multiple pieces of data-wiping malware since the beginning of the Russian invasion.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID (Votes): Profile Description
Sandworm (1): Sandworm, a threat actor linked to Russia, is known for its malicious cyber activities. These actions have been characterized by significant breaches and disruptions, primarily targeting Ukrainian entities. This group has demonstrated advanced capabilities, including the use of fileless attacks as d
Killmilk (1): KillMilk, a threat actor and leader of the hacking group Killnet, has been identified as Nikolai Serafimov, a 30-year-old Russian citizen. KillMilk has been instrumental in consolidating Russian hacktivist groups under Killnet's leadership, amassing a following of 8,000 members on his personal Teleg
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Russia
Ukraine
Malware
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the Solntsepyok Malware was read from the documents corpus below. This display is limited to 20 results.
Source (Created At): Title
CERT-EU (6 months ago): Russian Hackers Were Inside Ukrainian Telecoms Giant for a year | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting
CERT-EU (6 months ago): How this Ukrainian telecom company was hit by Russian hackers in one of the biggest cyberattack of war | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting
CERT-EU (6 months ago): Russian hackers were inside Ukraine telecoms giant for months - cyber spy chief
CERT-EU (6 months ago): Ukraine says Russian hackers were inside their telecom network since May last year | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting
CERT-EU (7 months ago): New support mechanism launched to strengthen Ukraine’s cyber defenses
CERT-EU (6 months ago): Russia's Sandworm officially blamed for Kyivstar cyberattack
CERT-EU (6 months ago): Russian Hackers Had Covert Access to Ukraine's Telecom Giant for Months | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
CERT-EU (6 months ago): Russian Hackers Had Covert Access to Ukraine's Telecom Giant for Months