Alias Description | Votes |
---|---|
SUPERNOVA is a possible alias for SUNBURST. SUPERNOVA is a potent and novel malware, as reported by FireEye during the SolarWinds compromise. It stands out due to its in-memory execution, sophistication in parameters and execution, and flexibility by implementing a full programmatic API to the .NET runtime. This malware compiles parameters on | 2 |
Solorigate is a possible alias for SUNBURST. Solorigate, also known as SUNBURST, is a sophisticated malware that was used in a series of cyberattacks in 2021. The malware was discovered to have been implanted into the SolarWinds Orion software through a supply-chain compromise, which Microsoft initially dubbed as "Solorigate". This allowed the | 2 |
TEARDROP is a possible alias for SUNBURST. Teardrop is a sophisticated malware used in cyber attacks, often associated with APT29/Cozy Bear, a group known for deploying advanced tactics and techniques. It has been linked to the Solorigate (SUNBURST) backdoor and is part of a suite of tools including Raindrop, GoldMax, and others used by the | 2 |
OilRig is a possible alias for SUNBURST. OilRig, also known as APT34, Earth Simnavaz, Evasive Serpens, and other names, is a well-known threat actor in the cybersecurity industry. This group has been particularly active in targeting entities in the Middle East, including critical infrastructure and telecommunications organizations. One of | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Kazuar Malware is associated with SUNBURST. Kazuar is a sophisticated multiplatform trojan horse malware that has been associated with the Russian-based threat group Turla, also known as Pensive Ursa, Uroburos, or Snake. This group, believed to be linked to the Russian Federal Security Service (FSB), has been operating since at least 2004 and | is related to | 6 |
The Tomiris Malware is associated with SUNBURST. Tomiris is a malware group that has been active since at least 2019, known for using the backdoor QUIETCANARY. The group has also used Turla malware, indicating a possible cooperation or shared expertise between Tomiris and Turla. A significant development was observed in September 2022 when a Tunnu | Unspecified | 2 |
The GoldMax Malware is associated with SUNBURST. GoldMax is a sophisticated malware, initially discovered to target Windows platforms with the earliest identified timestamp indicating a compilation in May 2020. The malicious software was designed by threat actors to exploit and damage computer systems, often infiltrating without the user's knowled | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The APT29 Threat Actor is associated with SUNBURST. APT29, also known as Midnight Blizzard and linked to Russia's Foreign Intelligence Service (SVR), is a notorious threat actor that has been implicated in several high-profile cyberattacks. The group has demonstrated sophisticated capabilities, exploiting vulnerabilities such as the WinRAR 0day flaw | Unspecified | 3 |
The NOBELIUM Threat Actor is associated with SUNBURST. Nobelium, a Russia-linked Advanced Persistent Threat (APT) group also known as APT29, SVR Group, BlueBravo, Cozy Bear, Midnight Blizzard, and The Dukes, has been identified as a significant cybersecurity threat. In 2024, Nobelium targeted French diplomatic entities, posing a major concern to the int | Unspecified | 3 |
The Turla Threat Actor is associated with SUNBURST. Turla, a threat actor linked to Russia, is known for its sophisticated cyber espionage operations. The group has been associated with numerous high-profile attacks, often utilizing advanced backdoors and fileless malware for infiltration and persistence. Turla's tactics, techniques, and procedures ( | Unspecified | 2 |
Source | CreatedAt |
---|---|
CERT-EU | a year ago |
InfoSecurity-magazine | 5 months ago |
DARKReading | 5 months ago |
InfoSecurity-magazine | 6 months ago |
Unit42 | 7 months ago |
DARKReading | 8 months ago |
CERT-EU | 9 months ago |
DARKReading | a year ago |
BankInfoSecurity | a year ago |
CERT-EU | a year ago |
CERT-EU | a year ago |
CERT-EU | a year ago |
DARKReading | a year ago |
MITRE | a year ago |
MITRE | a year ago |
CERT-EU | a year ago |
CERT-EU | a year ago |
CERT-EU | a year ago |
CERT-EU | a year ago |
CERT-EU | a year ago |