Alias Description | Votes |
---|---|
UNC2596 is a possible alias for Tropical Scorpius. UNC2596, also known as RomCom, Storm-0978, Tropical Scorpius, and Void Rabisu, is a Russian-based cybercrime group that has executed a series of attacks across Europe and North America. The threat actor has exploited two zero-day vulnerabilities in Firefox and Tor Browser in its recent operations. R | 5 |
RomCom is a possible alias for Tropical Scorpius. RomCom, a malicious software, has been identified as a significant cyber threat. Reports from third-party and open-source intelligence since spring 2022 have indicated a connection between RomCom Remote Access Trojan (RAT) actors, Cuba ransomware actors, and Industrial Spy ransomware actors. The mal | 4 |
Void Rabisu is a possible alias for Tropical Scorpius. Void Rabisu, also known as Storm-0978, UNC2596, and Tropical Scorpius, is a malicious software (malware) notable for its use of the ROMCOM backdoor. This malware has been involved in numerous attacks, including those targeting attendees of the Women Political Leaders Summit (WPL Summit) in 2023. In | 3 |
Cuba Ransomware is a possible alias for Tropical Scorpius. The Cuba ransomware is a malicious software that first appeared on cybersecurity radars in late 2020 under the name "Tropical Scorpius." It is designed to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites without the user's knowledge. Once insi | 3 |
Cuba is a possible alias for Tropical Scorpius. The Cuba ransomware, a malicious software active since 2019, has been linked to a series of escalating attacks on US entities and European leaders. The criminal group behind the malware, known by various aliases such as Void Rabisu, UNC2596, Tropical Scorpius, and Storm-0978, has recently targeted w | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The Mantis Threat Actor is associated with Tropical Scorpius. Mantis, a threat actor known for its malicious activities, has been employing a sophisticated strategy to disrupt systems. Using a decoy FTP server, Mantis initiates a prompt-injection attack against the LLM agent. This approach essentially turns attacking AIs into prey, thereby multiplying the forc | Unspecified | 2 |

Source Link | CreatedAt |
---|---|
InfoSecurity-magazine | 13 days ago |
Securityaffairs | 2 months ago |
ESET | 5 months ago |
Securityaffairs | 8 months ago |
InfoSecurity-magazine | 8 months ago |
Securityaffairs | 9 months ago |
Securelist | 2 years ago |
CERT-EU | 2 years ago |
CERT-EU | 2 years ago |
BankInfoSecurity | 2 years ago |
CERT-EU | 2 years ago |
CERT-EU | 2 years ago |
CERT-EU | 2 years ago |
CERT-EU | 2 years ago |
CERT-EU | 2 years ago |
InfoSecurity-magazine | 2 years ago |
CERT-EU | 2 years ago |
CERT-EU | 2 years ago |
CERT-EU | 2 years ago |
CERT-EU | 2 years ago |