Stmx_ghostlocker

Malware Profile Updated 3 months ago
STMX_GhostLocker is a new malware family developed jointly by two ransomware groups, GhostLocker and Stormous. The Stormous group first announced it on "The Five Families" Telegram channel on February 24, 2024. The malware is designed to infiltrate systems, disrupt operations, steal personal information, or hold data hostage for ransom. It can reach systems through several channels, such as suspicious downloads, emails, or websites.

STMX_GhostLocker is deployed as a Ransomware-as-a-Service (RaaS) program. This model gives affiliates different options for distributing the ransomware, which expands its potential reach and impact. The groups introduced the RaaS program as part of a revamp of their previous programs, aiming to make their operations more efficient and effective. Working models for both member and non-member affiliates have been made available, suggesting an active recruitment drive for new members or affiliates.

The launch of the STMX_GhostLocker RaaS program marks a significant evolution in the tactics employed by ransomware groups. By offering affiliates several distribution options, these groups can increase the spread of their software, making it harder for cybersecurity measures to keep up. The development and spread of STMX_GhostLocker underscore the increasing sophistication of cyber threats and the need for robust and adaptive cybersecurity strategies.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID | Votes | Profile Description
Ghostlocker | 3 | GhostLocker is a harmful malware developed by the cybercrime gang GhostSec, which has seen a significant surge in its hacking activities over the past year. The group has recently introduced an updated version of this malicious software, known as GhostLocker 2.0 ransomware, a Golang variant of the o
Ghostsec | 2 | GhostSec is a malicious software (malware) identified as a significant cybersecurity threat. This harmful program, designed to exploit and damage computers or devices, infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once embedded, it can steal pe
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
RaaS
Ransomware
Telegram
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the Stmx_ghostlocker Malware was read from the documents corpus below.
Source | Created At | Title
DARKReading | 5 months ago | GhostLocker 2.0 Haunts Businesses Across Middle East, Africa & Asia
CERT-EU | 5 months ago | Watch out, GhostSec and Stourmous groups jointly conducting ransomware attacks | #ransomware | #cybercrime | National Cyber Security Consulting
CERT-EU | 5 months ago | GhostSec Evolves With Website Compromise Tools
Securityaffairs | 5 months ago | Watch out, GhostSec and Stourmous groups jointly conducting ransomware attacks
CERT-EU | 4 months ago | The LockBit story: Why the ransomware affiliate model can turn takedowns into disruptions
CERT-EU | 4 months ago | GhostLocker 2.0 Unleashes Cyber Haunting Spree in the Middle East, Africa, and Asia
CERT-EU | 5 months ago | You’re going to start seeing more tax-related spam, but remember, that doesn’t actually mean there’s more spam