BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising - RedPacket Security
Tags
country: Australia Russia Ukraine
maec-delivery-vectors: Watering Hole
attack-pattern: Data Malvertising - T1583.008 Malware - T1587.001 Malware - T1588.001 Seo Poisoning - T1608.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002
Show in Graph
Common Information
Type Value
UUID 728b2c90-3e87-4dcc-bd3c-01bb0e4dfb71
Fingerprint b5653d1d913faad1
Analysis status DONE
Considered CTI value 1
Text language
Published July 3, 2023, 9:01 a.m.
Added to db July 3, 2023, 10:30 a.m.
Last updated Oct. 25, 2024, 1:35 p.m.
Headline RedPacket Security
Title BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising - RedPacket Security
Detected Hints/Tags/Attributes 75/3/1
Source URLs
Redirection Url
Details Source https://www.redpacketsecurity.com/blackcat-operators-distributing-ransomware-disguised-as-winscp-via-malvertising/
URL Provider
Details Provider Source level domain
Details redpacketsecurity.com www.redpacketsecurity.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 361 RedPacket Security https://www.redpacketsecurity.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details IBM X-Force - Threat Group Enumeration 28 
ITG23