Octo Tempest: extortion through phishing, SIM swapping and ransomware
Tags
| cmtmf-attack-pattern: | Masquerading |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Code Repositories - T1213.003 Code Repositories - T1593.003 Credentials - T1589.001 Impersonation - T1656 Masquerading - T1655 Phishing - T1660 Phishing - T1566 Software - T1592.002 Masquerading - T1036 Remote Access Tools - T1219 Masquerading |
Common Information
| Type | Value |
|---|---|
| UUID | ca087520-7cb1-4320-ad1c-24edabe9dcb9 |
| Fingerprint | 864194410796f751 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Oct. 29, 2023, midnight |
| Added to db | Nov. 8, 2023, 10:20 p.m. |
| Last updated | Nov. 14, 2024, 8:09 a.m. |
| Headline | Octo Tempest: extortion through phishing, SIM swapping and ransomware |
| Title | Octo Tempest: extortion through phishing, SIM swapping and ransomware |
| Detected Hints/Tags/Attributes | 38/3/97 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 13 | ✔ | Andrea Fortuna | https://andreafortuna.org/feed.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | md5 | 5 | 1e5ad5c2ffffac9d3ab7d179566a7844 |
|
| Details | md5 | 5 | 56fd7145224989b92494a32e8fc6f6b6 |
|
| Details | md5 | 4 | 6639433341fd787762826b2f5a9cb202 |
|
| Details | md5 | 5 | 828699b4133acb69d34216dcd0a8376e |
|
| Details | sha1 | 4 | 0272b018518fef86767b01a73213716708acbb80 |
|
| Details | sha1 | 5 | 10b9da621a7f38a02fea26256db60364d600df85 |
|
| Details | sha1 | 5 | d8cb0d5bbeb20e08df8d2e75d7f4e326961f1bf5 |
|
| Details | sha1 | 5 | ec37d483c3c880fadc8d048c05777a91654e41d3 |
|
| Details | sha256 | 4 | 3ea2d190879c8933363b222c686009b81ba8af9eb6ae3696d2f420e187467f08 |
|
| Details | sha256 | 5 | 4188736108d2b73b57f63c0b327fb5119f82e94ff2d6cd51e9ad92093023ec93 |
|
| Details | sha256 | 5 | 443dc750c35afc136bfea6db9b5ccbdb6adb63d3585533c0cf55271eddf29f58 |
|
| Details | sha256 | 4 | 53b7d5769d87ce6946efcba00805ddce65714a0d8045aeee532db4542c958b9f |
|
| Details | sha256 | 4 | 982dda5eec52dd54ff6b0b04fd9ba8f4c566534b78f6a46dada624af0316044e |
|
| Details | sha256 | 4 | acadf15ec363fe3cc373091cbe879e64f935139363a8e8df18fd9e59317cc918 |
|
| Details | sha256 | 5 | cce5e2ccb9836e780c6aa075ef8c0aeb8fec61f21bbef9e01bdee025d2892005 |
|
| Details | IPv4 | 6 | 45.132.227.213 |
|
| Details | IPv4 | 13 | 144.76.136.153 |
|
| Details | IPv4 | 5 | 119.93.5.239 |
|
| Details | IPv4 | 5 | 146.70.103.228 |
|
| Details | IPv4 | 4 | 159.223.213.174 |
|
| Details | IPv4 | 4 | 169.150.203.51 |
|
| Details | IPv4 | 5 | 185.195.19.206 |
|
| Details | IPv4 | 5 | 198.54.133.45 |
|
| Details | IPv4 | 4 | 198.54.133.52 |
|
| Details | IPv4 | 5 | 217.138.198.196 |
|
| Details | IPv4 | 5 | 217.138.222.94 |
|
| Details | IPv4 | 5 | 45.134.140.177 |
|
| Details | IPv4 | 5 | 45.86.200.81 |
|
| Details | IPv4 | 5 | 45.91.21.61 |
|
| Details | IPv4 | 5 | 89.46.114.66 |
|
| Details | IPv4 | 3 | 18.206.107.24 |
|
| Details | IPv4 | 3 | 100.35.70.106 |
|
| Details | IPv4 | 3 | 136.144.19.51 |
|
| Details | IPv4 | 3 | 136.144.43.81 |
|
| Details | IPv4 | 3 | 142.93.229.86 |
|
| Details | IPv4 | 3 | 143.244.214.243 |
|
| Details | IPv4 | 3 | 146.70.107.71 |
|
| Details | IPv4 | 3 | 146.70.112.126 |
|
| Details | IPv4 | 3 | 146.70.127.42 |
|
| Details | IPv4 | 3 | 146.70.45.166 |
|
| Details | IPv4 | 3 | 146.70.45.182 |
|
| Details | IPv4 | 4 | 152.89.196.111 |
|
| Details | IPv4 | 3 | 162.118.200.173 |
|
| Details | IPv4 | 3 | 172.98.33.195 |
|
| Details | IPv4 | 3 | 173.239.204.129 |
|
| Details | IPv4 | 3 | 173.239.204.130 |
|
| Details | IPv4 | 3 | 173.239.204.131 |
|
| Details | IPv4 | 3 | 173.239.204.132 |
|
| Details | IPv4 | 3 | 173.239.204.133 |
|
| Details | IPv4 | 3 | 173.239.204.134 |
|
| Details | IPv4 | 3 | 180.190.113.87 |
|
| Details | IPv4 | 4 | 185.120.144.101 |
|
| Details | IPv4 | 4 | 185.123.143.197 |
|
| Details | IPv4 | 3 | 185.123.143.201 |
|
| Details | IPv4 | 3 | 185.123.143.205 |
|
| Details | IPv4 | 3 | 185.123.143.217 |
|
| Details | IPv4 | 3 | 185.156.46.141 |
|
| Details | IPv4 | 3 | 185.163.109.66 |
|
| Details | IPv4 | 6 | 185.181.102.18 |
|
| Details | IPv4 | 4 | 185.195.19.207 |
|
| Details | IPv4 | 4 | 185.202.220.239 |
|
| Details | IPv4 | 4 | 185.202.220.65 |
|
| Details | IPv4 | 4 | 185.240.244.3 |
|
| Details | IPv4 | 4 | 185.247.70.229 |
|
| Details | IPv4 | 4 | 185.45.15.217 |
|
| Details | IPv4 | 5 | 185.56.80.28 |
|
| Details | IPv4 | 4 | 188.166.101.65 |
|
| Details | IPv4 | 4 | 188.166.117.31 |
|
| Details | IPv4 | 4 | 188.214.129.7 |
|
| Details | IPv4 | 4 | 192.166.244.248 |
|
| Details | IPv4 | 4 | 193.27.13.184 |
|
| Details | IPv4 | 4 | 193.37.255.114 |
|
| Details | IPv4 | 4 | 194.37.96.188 |
|
| Details | IPv4 | 4 | 195.206.105.118 |
|
| Details | IPv4 | 4 | 198.44.136.180 |
|
| Details | IPv4 | 4 | 23.106.248.251 |
|
| Details | IPv4 | 4 | 31.222.238.70 |
|
| Details | IPv4 | 5 | 37.19.200.142 |
|
| Details | IPv4 | 5 | 37.19.200.151 |
|
| Details | IPv4 | 5 | 37.19.200.155 |
|
| Details | IPv4 | 3 | 45.132.227.211 |
|
| Details | IPv4 | 2 | 45.134.140.171 |
|
| Details | IPv4 | 4 | 5.182.37.59 |
|
| Details | IPv4 | 4 | 51.210.161.12 |
|
| Details | IPv4 | 4 | 51.89.138.221 |
|
| Details | IPv4 | 4 | 62.182.98.170 |
|
| Details | IPv4 | 3 | 64.190.113.28 |
|
| Details | IPv4 | 5 | 67.43.235.122 |
|
| Details | IPv4 | 3 | 68.235.43.20 |
|
| Details | IPv4 | 3 | 68.235.43.21 |
|
| Details | IPv4 | 4 | 82.180.146.31 |
|
| Details | IPv4 | 4 | 89.46.114.164 |
|
| Details | IPv4 | 4 | 91.242.237.100 |
|
| Details | IPv4 | 3 | 93.115.7.238 |
|
| Details | IPv4 | 4 | 98.100.141.70 |
|
| Details | IPv6 | 2 | 2a01:4f8:200:1097::2 |
|
| Details | Mandiant Uncategorized Groups | 111 | UNC3944 |