Alias Description | Votes |
---|---|
Clop is a possible alias for Truebot. Clop, a malicious software (malware), is linked to a Russian-speaking cybercriminal group also known as Cl0p. It is designed to exploit and damage computer systems by stealing personal information, disrupting operations, or holding data hostage for ransom. In May 2023, the Clop group began exploitin | 7 |
FlawedGrace is a possible alias for Truebot. FlawedGrace is a notorious malware, a remote access trojan (RAT), that has been used extensively in cyberattacks. It was first brought to light in June 2023 when The DFIR Report revealed its use in Truebot operations. In these operations, following the successful download of a malicious file, Truebo | 5 |
TA505 is a possible alias for Truebot. TA505, also known as Cl0p Ransomware Gang and Lace Tempest, is a highly active and sophisticated cybercriminal group. The group has been associated with various high-profile cyber-attacks, demonstrating adaptability through a multi-vector approach to their operations. In June 2023, the U.S. Cybersec | 3 |
Alias Description | Association Type | Votes |
---|---|---|
The truebot malware Malware is associated with Truebot. Truebot malware is a malicious software that infiltrates computer systems, often without the user's knowledge, to exploit and damage the device. It was primarily delivered by cyber threat actors via malicious phishing email attachments, but newer versions observed in 2023 also gained initial access | Unspecified | 8 |
The Raspberry Robin Malware is associated with Truebot. Raspberry Robin is a sophisticated malware that uses advanced techniques to infiltrate and exploit computer systems. The malicious software is designed to stealthily enter a system through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can wreak havoc by st | Unspecified | 3 |
The Cobalt Strike Beacon Malware is associated with Truebot. Cobalt Strike Beacon is a type of malware, a harmful software designed to exploit and damage computer systems. It is often loaded by HUI Loader through various files such as mpc.tmp, dlp.ini, vmtools.ini, and an encrypted file vm.cfg. The Insikt Group has identified six distinct Cobalt Strike Beacon | Unspecified | 2 |
The Bumblebee Malware is associated with Truebot. Bumblebee is a type of malware that has been linked to ITG23, a cyber threat group. Over the past year, it has been used in conjunction with other initial access malwares such as Emotet, IcedID, Qakbot, and Gozi during ITG23 attacks. The same values for self-signed certificates seen in Bumblebee hav | Unspecified | 2 |
The IcedID Malware is associated with Truebot. IcedID is a malicious software (malware) that has been implicated in numerous cybercrime campaigns. It has been associated with other notable malware such as Qakbot, BazarLoader, CobaltStrike, Conti, Gozi, Trickbot, Quantum, Emotet, Pikabot, and SystemBC. Its distribution often involves the use of d | Unspecified | 2 |
The malware Silence Downloader is associated with Truebot. | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Evil Corp Threat Actor is associated with Truebot. Evil Corp, a threat actor based in Russia, has been identified as a significant cybersecurity threat due to its involvement in various malicious activities, including the deployment of Dridex malware. The group is led by Maksim Yakubets and has been sanctioned by the Treasury Department for its cybe | Unspecified | 2 |
The Lace Tempest Threat Actor is associated with Truebot. Lace Tempest, a threat actor known for executing actions with malicious intent, has been identified as the orchestrator behind a series of cyber attacks exploiting a zero-day vulnerability in SysAid. The exploit was first brought to light by SysAid and further detailed in a blog post on TuxCare. Thi | Unspecified | 2 |
The Bl00dy Threat Actor is associated with Truebot. Bl00dy is a threat actor known for its malicious activities in the cyber world. The group, along with another threat actor called Black Basta, have recently been identified as exploiting bugs in ConnectWise ScreenConnect, a popular remote management tool. This exploitation has led to a significant i | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The CVE-2022-31199 Vulnerability is associated with Truebot. CVE-2022-31199 is a critical remote code execution (RCE) vulnerability discovered in Netwrix Auditor, a widely-used software for on-premises and cloud-based IT system auditing. This flaw in the software's design or implementation allows cyber threat actors to exploit it and gain unauthorized access | Unspecified | 5 |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
BankInfoSecurity | 8 months ago | ||
Flashpoint | 2 years ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | 2 years ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | 2 years ago | ||
Securityaffairs | 2 years ago | ||
CERT-EU | 2 years ago | ||
CERT-EU | 2 years ago | ||
InfoSecurity-magazine | 2 years ago | ||
CERT-EU | a year ago | ||
CERT-EU | 2 years ago | ||
Securityaffairs | 2 years ago | ||
CERT-EU | 2 years ago |