Malware: ABCD ransomware, Agenda, AgendaCrypt, AK47 Ransomware, AKO Doxware, Babuk, BabyLockerKZ, BARADAI, Baxtoy, BEACON, Black Basta, buildx641, CatB, CatB99, Cobalt Strike, Conti, Coroxy, DragonForce, DroxiDat, GentleKiller, Gentlemen, Havoc, HavocKiller, HexKiller, HwAudKiller, Hyflock, LARVA-368, LockBit, LockBit 2.0, LockBit 3.0, LockBit Black, LockBit Red, LOCKBIT.WARLOCK, Lumma, LummaC2, Lumma Stealer, Medusa, MedusaLocker, Medusa Reborn, Mimikatz, Ninthbee, no_name_software, OxideHarvest, Phemedrone, Phemedrone Stealer, PoisonX, Prey, Qilin, RedLine, REvil, Rhysida, Sodinokibi, Storm-2697, SystemBC, The Gentlemen, ThrottleBlood, ThrottleStop.sys, TridentLocker, Vidar, Warlock, X2ANYLOCK
CVEs: CVE-2020-1472, CVE-2021-36942, CVE-2021-44228, CVE-2022-42045, CVE-2023-27532, CVE-2023-42789, CVE-2023-48788, CVE-2024-37085, CVE-2024-55591, CVE-2025-26125, CVE-2025-32433, CVE-2025-33073, CVE-2025-49704, CVE-2025-49706, CVE-2025-53770, CVE-2025-53771, CVE-2025-55182, CVE-2025-59718, CVE-2025-59719, CVE-2025-7771, CVE-2026-8863
Technologies: Acer, Acronis Cyber Protect, AMD Processors, ASUS, Baidu Antivirus, Bitdefender, BSD, Cisco, Cisco IOS, Cisco VPN, CrowdStrike, ECS, Erlang/OTP, ESET Endpoint Security, Fortinet FortiClientEMS, Fortinet FortiGate, Fortinet FortiOS, Fortinet FortiProxy, Getac, GIGABYTE, Gladinet CentreStack, Google Chrome, Hikvision IP Camera, Huawei, IObit Malware Fighter, Iperius Backup, Ivanti, Kaspersky, Kaspersky Endpoint Security, Linux, McAfee, Microsoft 365, Microsoft Defender Antivirus, Microsoft Entra ID, Microsoft Exchange Server, Microsoft Hyper-V, Microsoft Internet Information Services, Microsoft Outlook on the web, Microsoft SharePoint, Microsoft SQL Server, Microsoft Windows, Microsoft Windows Active Directory, Microsoft Windows Server, Mozilla Gecko, Okta, Oracle Database, Oracle MySQL, Palo Alto Networks, PostgreSQL, Qihoo 360, SAP ABAP, SentinelOne, SimpleHelp, SmarterTools SmarterMail, SolarWinds Web Help Desk, SonicWall,
Sophos, Sophos Intercept X, TeamViewer, ThrottleStop, Trellix, Trend Micro, UEFI, Uniwill, Veeam Backup & Replication, Veritas Backup Exec, VMware, VMware ESXi
Threat Actors: Agenda, Akira, ArmCorp, Babuk, BlackBasta, CatB, Conti, Devman, DragonForce, Embargo, Gentlemen, GoldRebellion, GOLDSALEM, Hastalamuerte, LockBit, Medusa, MedusaRansomware, Ninthbee, PestilentMantis, PhantomMantis, PrimevalMantis, Qilin, RansomHub, RedLineCyber, REvil, Rhysida, STAC5143, Storm0506, Storm0826, Storm1567, Storm-2603, Storm-2697, Storm2697, Ta2101, TenaciousMantis, Thegentlemen, Unc3973, Unc4393, VenomousMantis, Warlock, WIZARDSPIDER, Zeta88
Attacker Countries: China, Malaysia, Russia
Attacker IPs: 176[.]120[.]22[.]127, 193[.]228[.]128[.]2, 209[.]15[.]71[.]121, 45[.]155[.]141[.]219, 77[.]246[.]103[.]110, 88[.]130[.]150[.]101, 91[.]92[.]242[.]30
Attacker Emails: bu4vs@mail[.]ru, hastalamuerte1488@protonmail[.]com
Attacker Domains: app-distribution[.]net, bestflowers247[.]online, exploit[.]in, mail[.]ru, protonmail[.]com, put[.]io, userstorage[.]mega[.]co[.]nz, velvet-parret[.]com
Attacker URLs: 0x0[.]st, temp[.]sh, vast[.]ai
Victim Industries: Aerospace, Agriculture, Business Services, Cloud Infrastructure, Construction, Consumer Services, Education, Energy, Financial, Financials, Financial Services, Government, Healthcare, Health Care Technology, Holding Companies & Conglomerates, Hospitality, Hospitals & Physicians Clinics, Information Security, Information Technology, Insurance, Legal Services, Manufacturing, Media & Publishing, Multimedia, Professional Services, Public Administration, Real Estate, Retail, Semiconductors, Software, Technology Hardware, Telecommunications, Transportation, Utilities
Victim Countries: Australia, Brazil, China, Colombia, Croatia, Czech Republic, Denmark, Egypt, France, Germany, India, Indonesia, Iraq, Ireland, Italy, Japan, Mauritius, Mexico, New Zealand, Norway, Palau, Peru, Philippines, Poland, Portugal, Romania, Russia, Saudi Arabia, Singapore, Spain, Taiwan, Thailand, Turkey, United Kingdom, United States, Vietnam

By admin
