BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising
Tags
country: Australia Russia Ukraine
maec-delivery-vectors: Watering Hole
attack-pattern: Data Malvertising - T1583.008 Malware - T1587.001 Malware - T1588.001 Seo Poisoning - T1608.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002
Show in Graph
Common Information
Type Value
UUID 8284e3be-e37e-4ad8-8d2b-bc040c6d3850
Fingerprint a5642d1db11fabd1
Analysis status DONE
Considered CTI value 1
Text language
Published July 3, 2023, 10:16 a.m.
Added to db July 3, 2023, 7:35 a.m.
Last updated Oct. 25, 2024, 1:35 p.m.
Headline BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising
Title BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising
Detected Hints/Tags/Attributes 73/3/1
Source URLs
Redirection Url
Details Source https://thehackernews.com/2023/07/blackcat-operators-distributing.html
URL Provider
Details Provider Source level domain
Details thehackernews.com thehackernews.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 118 The Hacker News https://feeds.feedburner.com/TheHackersNews 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details IBM X-Force - Threat Group Enumeration 28 
ITG23