Alias Description | Votes |
---|---|
Clop is a possible alias for Truebot. Clop, also known as Cl0p, is a ransomware group primarily targeting financial gain by holding data or services hostage. This Russian-speaking cybercriminal organization began exploiting a zero-day vulnerability, CVE-2023-34362, in Progress Software's MOVEit secure file transfer software on May 27, 2 | 7 |
FlawedGrace is a possible alias for Truebot. FlawedGrace is a notorious malware, a remote access trojan (RAT), that has been used extensively in cyberattacks. It was first brought to light in June 2023 when The DFIR Report revealed its use in Truebot operations. In these operations, following the successful download of a malicious file, Truebo | 5 |
TA505 is a possible alias for Truebot. TA505, also known as Cl0p Ransomware Gang and Lace Tempest, is a highly active and sophisticated cybercriminal group. The group has been associated with various high-profile cyber-attacks, demonstrating adaptability through a multi-vector approach to their operations. In June 2023, the U.S. Cybersec | 3 |

Alias Description | Association Type | Votes |
---|---|---|
The Truebot malware is associated with Truebot. Truebot malware is malicious software that infiltrates computer systems, often without the user's knowledge, to exploit and damage the device. It was primarily delivered by cyber threat actors via malicious phishing email attachments, but newer versions observed in 2023 also gained initial access | Unspecified | 8 |
The Raspberry Robin Malware is associated with Truebot. Raspberry Robin is a sophisticated piece of malware that uses a variety of tactics to infiltrate and exploit computer systems. It employs the CPUID instruction to conduct several checks, enabling it to assess the system's characteristics and vulnerabilities. Furthermore, Raspberry Robin has been obs | Unspecified | 3 |
The Cobalt Strike Beacon Malware is associated with Truebot. Cobalt Strike Beacon is a type of malware that has been linked to numerous ransomware activities. This malicious software is often loaded by HUI Loader, which has been identified in several instances (mpc.tmp, dlp.ini, vmtools.ini, and an encrypted version via vm.cfg). In one notable case, threat ac | Unspecified | 2 |
The Bumblebee Malware is associated with Truebot. Bumblebee is a sophisticated malware loader first discovered by Google's Threat Analysis Group (TAG) in March 2022. It was named Bumblebee based on a user-agent string it used. The malware has been actively used by cybercriminal groups to distribute various types of malicious payloads such as ransom | Unspecified | 2 |
The IcedID Malware is associated with Truebot. IcedID is a prominent malware that has been utilized in various cyber-attacks. It functions as a malicious software designed to infiltrate and damage computer systems, often through suspicious downloads, emails, or websites. Once inside a system, IcedID can steal personal information, disrupt operat | Unspecified | 2 |
The malware Silence Downloader is associated with Truebot. | Unspecified | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The Evil Corp Threat Actor is associated with Truebot. Evil Corp, a threat actor based in Russia, has been identified as a significant cybersecurity threat due to its involvement in various malicious activities, including the deployment of Dridex malware. The group is led by Maksim Yakubets and has been sanctioned by the Treasury Department for its cybe | Unspecified | 2 |
The Lace Tempest Threat Actor is associated with Truebot. Lace Tempest, a threat actor known for executing actions with malicious intent, has been identified as the orchestrator behind a series of cyber attacks exploiting a zero-day vulnerability in SysAid. The exploit was first brought to light by SysAid and further detailed in a blog post on TuxCare. Thi | Unspecified | 2 |
The Bl00dy Threat Actor is associated with Truebot. Bl00dy is a threat actor known for its malicious activities in the cyber world. The group, along with another threat actor called Black Basta, has recently been identified as exploiting bugs in ConnectWise ScreenConnect, a popular remote management tool. This exploitation has led to a significant i | Unspecified | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The CVE-2022-31199 Vulnerability is associated with Truebot. CVE-2022-31199 is a critical remote code execution (RCE) vulnerability discovered in Netwrix Auditor, a widely-used software for on-premises and cloud-based IT system auditing. This flaw in the software's design or implementation allows cyber threat actors to exploit it and gain unauthorized access | Unspecified | 5 |