Analysis of cyber activity can reveal patterns (i.e., attack vectors) that can be grouped using analytic methods.
Akira (G1024) - Associated groups (GOLD SAHARA, PUNK SPIDER), Description: Akira is a ransomware variant and ransomware deployment entity active since at least March 2023. Akira uses compromised credentials to access single-factor external access mechanisms such as VPNs for initial access, then various publicly available tools and techniques for lateral movement. Akira operations are associated with "double extortion" ransomware activity, where data is exfiltrated from victim environments prior to encryption, with threats to publish files if a ransom is not paid. Technical analysis of Akira ransomware indicates multiple overlaps with and similarities to Conti malware.
BlackCat (S1068) - Associated software (ALPHV, Noberus), Type: MALWARE, Platforms: Linux, Windows, Description: BlackCat is ransomware written in Rust that has been offered via the Ransomware-as-a-Service (RaaS) model. First observed November 2021, BlackCat has been used to target multiple sectors and organizations in various countries and regions in Africa, the Americas, Asia, Australia, and Europe.[1][2][3]