Clop Ransomware Is Likely Behind the MOVEit Zero-Day Vulnerability Attacks
Tags
attack-pattern: Data Web Shell - T1505.003 Web Shell - T1100
Show in Graph
Common Information
Type Value
UUID 9b65477a-93fa-4bef-94dd-86f0fb230195
Fingerprint 13b9cb5fca843d3c
Analysis status DONE
Considered CTI value 1
Text language
Published June 9, 2023, 4:39 p.m.
Added to db June 11, 2023, 2:31 a.m.
Last updated Nov. 17, 2024, 5:55 p.m.
Headline Clop Ransomware Is Likely Behind the MOVEit Zero-Day Vulnerability Attacks
Title Clop Ransomware Is Likely Behind the MOVEit Zero-Day Vulnerability Attacks
Detected Hints/Tags/Attributes 34/1/4
Source URLs
Redirection Url
Details Source https://heimdalsecurity.com/blog/clop-ransomware-is-likely-behind-the-moveit-zero-day-vulnerability-attacks/
URL Provider
Details Provider Source level domain
Details heimdalsecurity.com heimdalsecurity.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 132 Heimdal Security Blog https://heimdalsecurity.com/blog/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details File 36 
human2.aspx
Details File 13 
moveitisapi.dll
Details File 17 
guestaccess.aspx
Details Threat Actor Identifier - FIN 127 
FIN11