Systembc

Malware updated 3 days ago (2024-10-23T04:01:01.558Z)
SystemBC is a malware family that has been used heavily in cyber attacks, including those of the Black Basta ransomware group in 2023. The Play ransomware actors have also used SystemBC alongside other command and control (C2) frameworks such as Cobalt Strike and tools like PsExec for lateral movement and file execution. Beyond stealing sensitive data, the Vidar infostealer can deliver secondary payloads such as the SystemBC proxy malware. Emails carrying the SystemBC hacktool were detected as compressed attachments in incidents #9437 and #9436. Between May 27 and 29, 2024, an international law enforcement operation coordinated by Europol, codenamed Operation Endgame, targeted malware droppers including IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee, and Trickbot. Backdoors such as SystemBC, PortStarter, and Supper have also been observed in cyber attacks. Trend Micro MDR was alerted to a breach via Vision One Workbench alerts after the Apex One Endpoint Protection Platform (EPP) agent detected a command-and-control tool identified as SYSTEMBC. The original SystemBC file is encrypted with an XOR key; because the null-byte padding between PE sections is encrypted as well, those regions hold the key itself (a zero byte XORed with a key byte yields that key byte), which is what exposes the key to analysts. The SystemBC payload in update8.exe is retrieved dynamically from an encrypted resource and injected directly into a child process of the same name. Attackers have used payloads named to match their initial lure, including SystemBC, Golang HTTP beacons, and SOCKS proxy beacons. Rapid7 researchers uncovered a new social engineering campaign distributing the SystemBC dropper for the Black Basta ransomware operation.
Description last updated: 2024-10-22T17:42:24.631Z
Possible Aliases / Cluster overlaps
Cluster overlaps and naming conventions vary between vendors, so the following are possible overlapping names and profiles worth reviewing.
Alias | Votes | Description
Droxidat | 4 | Droxidat is a possible alias for Systembc. DroxiDat, a new variant of the SystemBC malware, was deployed in a series of attacks on critical infrastructure targets in Africa during the third and fourth weeks of March. The malware, which acts as a system profiler and simple SOCKS5-capable bot, was specifically detected at an electric utility c
Coroxy | 2 | Coroxy is a possible alias for Systembc. Coroxy is a multifaceted malware, also known as SystemBC, DroxiDat, or Proxy, that serves as a backdoor and remote access tool (RAT), adapting to the requirements of attackers. It has been associated with the Play ransomware group, and its infection chain includes various tools such as PsExec, NetSc
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Malware
Trojan
Ransomware
Backdoor
Windows
Proxy
Cobalt Strike
Payload
Rat
Loader
Lateral Move...
Tool
Remcos
Phishing
Linux
Reconnaissance
Esxi
Maas
Bot
Beacon
Exploit
Associated Malware
Malware | Association type | Votes | Description
Smokeloader | Unspecified | 3 | The Smokeloader Malware is associated with Systembc. SmokeLoader is a malicious software (malware) used by threat actors to infect systems and exfiltrate data. It operates in conjunction with other open-source tools like Cobalt Strike and Bloodhound, but most notably with Phobos ransomware. Threat actors often use SmokeLoader as a hidden payload in sp
Hijackloader | Unspecified | 2 | The Hijackloader Malware is associated with Systembc. HijackLoader is a new and rapidly growing malware in the cybercrime community, designed to exploit and damage computer systems. This malicious software infects systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once infiltrated, HijackLoader can steal personal
IcedID | Unspecified | 2 | The IcedID Malware is associated with Systembc. IcedID is a prominent malware that has been utilized in various cyber-attacks. It functions as a malicious software designed to infiltrate and damage computer systems, often through suspicious downloads, emails, or websites. Once inside a system, IcedID can steal personal information, disrupt operat
Pikabot | Unspecified | 2 | The Pikabot Malware is associated with Systembc. Pikabot is a type of malware that serves as a trojan, providing initial access to infected computers. This enables the execution of ransomware deployments, remote takeovers, and data theft. It is part of a wider array of malicious software, including IcedID, Qakbot, Gozi, DarkGate, AsyncRAT, JinxLoa
Black Basta | Unspecified | 2 | The Black Basta Malware is associated with Systembc. Black Basta is a notorious malware and ransomware group known for its high-profile attacks on various sectors. The group, also known as Storm-0506, has been active since at least early 2022 and has accumulated over $107 million in Bitcoin ransom payments. It deploys malicious software to exploit vul
Vidar | Unspecified | 2 | The Vidar Malware is associated with Systembc. Vidar is a Windows-based malware, written in C++, that primarily functions as an infostealer. It is based on the Arkei stealer and typically targets various types of data, using the ACR Stealer as an exfiltration module. However, in a unique twist, Vidar downloads the ACR stealer instead of stealing
Redline Stealer | Unspecified | 2 | The Redline Stealer Malware is associated with Systembc. RedLine Stealer is a type of malware, or malicious software, that infiltrates computer systems with the intent to exploit and cause damage. It typically gains access through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside the system, it can steal personal i
Amadey | Unspecified | 2 | The Amadey Malware is associated with Systembc. Amadey is a form of malware, a malicious software designed to exploit and damage computer systems. This particular malware is distributed via the Amadey loader, which can be disseminated through phishing emails or downloads from compromised sites. It has been observed that the individual behind the
Associated Threat Actors
Threat actor | Association type | Votes | Description
Pistachio Tempest | Unspecified | 2 | The Pistachio Tempest Threat Actor is associated with Systembc. Pistachio Tempest, also known as FIN12, is a threat actor that has been identified as a significant cybersecurity risk, particularly to the healthcare industry. According to a report by the U.S. Department of Health and Human Services (HHS) in 2022, this group has specifically targeted healthcare en
Rhysida | Unspecified | 2 | The Rhysida Threat Actor is associated with Systembc. Rhysida, a threat actor active since May 2023, has been responsible for numerous high-profile ransomware attacks. The group is known for its use of various ransomware families, including BlackCat, Hello Kitty, Quantum Locker, Rhysida, Zeppelin, and its own eponymous program, to aid in double extorti
Vice Society | Unspecified | 2 | The Vice Society Threat Actor is associated with Systembc. Vice Society, a threat actor or hacking team with malicious intent, has been active since 2022 and has made significant waves in the cybersecurity world. The group is known for deploying various forms of ransomware, including BlackCat, Quantum Locker, Zeppelin, and their own branded variant of Zeppe
FIN12 | Unspecified | 2 | The FIN12 Threat Actor is associated with Systembc. FIN12, also known as DEV-0237 and Pistachio Tempest, is a threat actor group notorious for its malicious cyber activities. Tracked by Microsoft, this group is primarily engaged in the distribution of Hive, Conti, and Ryuk ransomware. The group has been responsible for several high-profile ransomware
Source Document References
Information about the Systembc malware was read from the document corpus below. This display is limited to 20 results.
Source | Created
Securityaffairs | 3 days ago
BankInfoSecurity | a month ago
Trend Micro | 2 months ago
Securityaffairs | 2 months ago
Securityaffairs | 2 months ago
Securityaffairs | 5 months ago
DARKReading | 7 months ago
CrowdStrike | 7 months ago
CERT-EU | 8 months ago
CERT-EU | 8 months ago
Securityaffairs | 8 months ago
CERT-EU | 9 months ago
CERT-EU | 9 months ago
CERT-EU | 10 months ago
Malwarebytes | 10 months ago
CISA | 10 months ago
CERT-EU | 10 months ago
Securelist | a year ago
CERT-EU | a year ago
CERT-EU | a year ago