Cybersec Sentinel

Dual Threat Crystal Rans0m Combines Ransomware and Infostealing Capabilities

Threat Group: Unattributed
Threat Type: Hybrid ransomware with stealer capabilities
Exploited Vulnerabilities: Outdated software, phishing, P2P downloads
Malware Used: Crystal Rans0m (Rust-based)
Threat Score: High (8.5/10) — Due to the combination of file encryption, information theft, modular structure, and anti-VM techniques.
Last Threat Observation: October 21, 2024
Overview Crystal

Trinity Ransomware Targets Critical Infrastructure with Double Extortion

Threat Group: Trinity Ransomware
Threat Type: Ransomware (Double Extortion)
Exploited Vulnerabilities: Unpatched Software, Phishing, Remote Desktop Protocol (RDP)
Malware Used: Trinity Ransomware (.trinitylock extension)
Threat Score: 8.5/10 – High risk, targeting critical sectors like healthcare, with advanced encryption and data exfiltration tactics.
Last Threat

Lynx Ransomware Strikes New Targets Unveiling Advanced Encryption Techniques

Threat Group: Lynx
Threat Type: Ransomware
Exploited Vulnerabilities: Targets file encryption vulnerabilities with privilege escalation techniques
Malware Used: Modified ransomware code derived from INC ransomware
Threat Score: High (8.2/10) — Due to advanced encryption techniques, privilege escalation methods, and cross-sector targeting
Last Threat Observation: October 3, 2024, by Rapid7

ELPACO-Team Ransomware: Escalating Threat to Windows Systems

Threat Group: ELPACO-team
Threat Type: Ransomware
Exploited Vulnerabilities: Outdated software and phishing emails
Malware Used: ELPACO-team Ransomware
Threat Score: High (8.2/10)
Last Threat Observation: October 2024
Overview The ELPACO-team ransomware is a malicious strain designed to encrypt files and demand ransom payments in cryptocurrency for their release. Known

Andariel Hacking Group Targets Global Defense and Infrastructure Sectors

Threat Group: Andariel (Subgroup of Lazarus Group, aka Stonefly, Silent Chollima, Onyx Sleet)
Threat Type: Advanced Persistent Threat (APT), Ransomware, Cyber Espionage
Exploited Vulnerabilities: CVE-2023-22515 (Atlassian Confluence), CVE-2023-27350 (PaperCut), CVE-2023-42793 (TeamCity), CVE-2021-44228 (Apache Log4j)
Malware Used: DTrack, Maui, Dora RAT, Nukebot, SHATTEREDGLASS, Sliver, Mimikatz
Threat Score:

Cybersec Sentinel © 2026