Dark Web Profile: Flax Typhoon
Apr 18, 2025
Categories
Jul 25, 2023
APT Profile: Kimsuky
APT Profile: Kimsuky [Update] December 2, 2024: “Kimsuky’s Phishing Evolution and the Threat of Malwareless Attacks” In cyberspace, the Korean Peninsula has been a hotbed of activity for ...
Learn More
Jul 21, 2023
Dark Web Threat Profile: CLOP Ransomware
Dark Web Threat Profile: CLOP Ransomware [Update] August 7, 2023: Clop ransomware has now adopted Torrents as a distribution method for the stolen data. See more under: “Clop Adopts New Extortion Appr...
Learn More
Jul 13, 2023
Threat Actor Profile: BianLian, The Shape-Shifting Ransomware Group
Threat Actor Profile: BianLian, The Shape-Shifting Ransomware Group Nowadays, there is a rise in the number of ransomware groups with names that mean something. For example, Yanluowang is a deity in C...
Learn More
Jul 06, 2023
Dark Web Profile: MalasLocker Ransomware
Dark Web Profile: MalasLocker Ransomware A new player has emerged on the stage of cybercrime by announcing multiple victim announcements at the end of April. Dubbed “MalasLocker,” this ransomware oper...
Learn More
Jul 03, 2023
APT Profile: FIN7
APT Profile: FIN7 In the world of cybercrime, a name resounds with an unsettling echo – FIN7. This notorious cyber gang has left its mark on the globe, causing digital chaos wherever they go. By infil...
Learn More
Jun 29, 2023
APT Profile: Turla
APT Profile: Turla In the digital age, war has transitioned into the virtual world, where many types of cybercriminals, such as hacktivists and nation-state actors, are called Advanced Persistent Thre...
Learn More
Jun 05, 2023
Dark Web Profile: Play Ransomware
Dark Web Profile: Play Ransomware [Update] July 22, 2024: “Play Ransomware Broadens Its Scope with New Linux Variant Targeting ESXi” [Update] December 19, 2023: “Collaborative Advisory on Play Ransomw...
Learn More
May 09, 2023
Dark Web Profile: KillNet Anonymous Sudan
Dark Web Profile: KillNet Anonymous Sudan [Update] October 17, 2024: “Indictment of Two Sudanese Nationals Behind Anonymous Sudan” [Update] July 5, 2023: In a recent cyber attack, Anonymous Sudan clai...
Learn More
May 02, 2023
Dark Web Profile: BlackByte Ransomware
Dark Web Profile: BlackByte Ransomware Ransomware has been one of the most glaring threats against organizations in recent years. Since 2021 SOCRadar has detected around 5,600 ransomware attacks. Ther...
Learn More
Apr 27, 2023
Dark Web Profile: LockBit 3.0 Ransomware
Dark Web Profile: LockBit 3.0 Ransomware [Update] August 31, 2023: See the subheading: “LockBit’s Operational Struggles, Empty Threats, and Sudden Surge.” [Update] July 03, 2023: LockBit claimed to h...
Learn More
Mar 30, 2023
APT Profile: APT-C-35 / DoNot Team
APT Profile: APT-C-35 / DoNot Team [Update] June 20, 2023: A new espionage campaign attributed to APT-C-35 (DoNot Team) targets users in Pakistan with trojanized apps on Google Play, added the subhead...
Learn More
Mar 22, 2023
APT Profile: Sandworm
APT Profile: Sandworm Threat actors range from teenagers eager to earn quick cash to state-sponsored actors with agendas behind their operations. The agendas of these state-sponsored groups may includ...
Learn More
Mar 17, 2023
APT Profile: Cozy Bear / APT29
APT Profile: Cozy Bear / APT29 [Update] October 11, 2024: “Joint Advisory Warns of Mass Exploitation of Zimbra and TeamCity Servers by APT29” [Update] February 27, 2024: See the subheading: “Joint Adv...
Learn More
Mar 06, 2023
Dark Web Profile: NoName057(16)
Dark Web Profile: NoName057(16) By SOCRadar Research [Update] July 11, 2023: NoName recently launched a cyber attack on Poland, targeting critical infrastructures such as the National Bank of Poland a...
Learn More
Jan 26, 2023
Dark Web Profile: Hive Ransomware Group
Dark Web Profile: Hive Ransomware Group by SOCRadar Research [Update] November 14, 2023: See the subheading: “New Era of Hive Ransomware Under Hunters International.” On November 8, 2021 electronics r...
Learn More
Jan 09, 2023
Dark Web Profile: Royal Ransomware
Dark Web Profile: Royal Ransomware By SOCRadar Research [Update] November 14, 2023: See the subheading: “CSA Update from CISA and FBI: Royal Ransomware’s Possible Rebranding to ‘Blacksuit’” Ransomwar...
Learn More
Dec 16, 2022
Dark Web Profile: Killnet - Russian Hacktivist Group
Dark Web Profile: Killnet – Russian Hacktivist Group By SOCRadar Research The ongoing conflict between Ukraine and Russia has attracted the attention of various cybercriminal groups and pushed them to...
Learn More
Dec 16, 2022
Dark Web Profile: Black Basta Ransomware
Dark Web Profile: Black Basta Ransomware By SOCRadar Research [Update] May 13, 2024: Read the subheading “CISA’s Advisory for Black Basta” [Update] January 3, 2024: Read the subheading “Turning the T...
Learn More
Dec 12, 2022
Dark Web Profile: APT42 - Iranian Cyber Espionage Group
Dark Web Profile: APT42 – Iranian Cyber Espionage Group By SOCRadar Research After the Stuxnet occurred in 2010 on Iran’s nuclear program, Iran started to invest in and improve its cy...
Learn More
Sep 29, 2022
Dark Web Profile: Overthinker1877
Dark Web Profile: Overthinker1877 Overthinker1877 or 1877 Team have recently drawn attention for their random attacks worldwide. Although the first remarkable attack was ransomware against a Romanian ...
Learn More
