AcidRain | A Modem Wiper Rains Down on Europe
Tags
| country: | Germany Italy Russia Ukraine |
| attack-pattern: | Data Botnet - T1583.005 Botnet - T1584.005 Firmware - T1592.003 Malware - T1587.001 Malware - T1588.001 Mmc - T1218.014 Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | f347b394-d9fd-4cef-b012-c04d9b9f6ad0 |
| Fingerprint | b7649a0078177588 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | March 31, 2022, midnight |
| Added to db | June 1, 2023, 10:45 a.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | AcidRain | A Modem Wiper Rains Down on Europe |
| Title | AcidRain | A Modem Wiper Rains Down on Europe |
| Detected Hints/Tags/Attributes | 80/2/33 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 177 | www.wired.com |
|
| Details | Domain | 469 | www.cisa.gov |
|
| Details | Domain | 6 | www.viasat.com |
|
| Details | Domain | 261 | blog.talosintelligence.com |
|
| Details | Domain | 98 | www.ncsc.gov.uk |
|
| Details | File | 1 | csa_protecting_vsat_communications_01252022.pdf |
|
| Details | File | 66 | www.ai |
|
| Details | File | 1 | relief12-4_qlr.pdf |
|
| Details | File | 6 | vpnfilter.html |
|
| Details | File | 3 | vpnfilter-update.html |
|
| Details | File | 1 | vpnfilter-part-3.html |
|
| Details | File | 5 | cyclops-blink-malware-analysis-report.pdf |
|
| Details | File | 2 | vpnfilter-two-years-later-routers-still-compromised-.html |
|
| Details | md5 | 1 | ecbe1b1e30a1f4bffaf1d374014c877f |
|
| Details | md5 | 2 | 20ea405d79b4de1b90de54a442952a45 |
|
| Details | sha1 | 2 | 86906b140b019fdedaaba73948d0c8f96a6b1b42 |
|
| Details | sha1 | 1 | 261d012caa96d3e3b059a98388f743fb8d39fbd5 |
|
| Details | sha256 | 3 | 9b4dfaca873961174ba935fddaf696145afe7bbf5734509f95feb54f3584fd9a |
|
| Details | sha256 | 4 | 47f521bd6be19f823bfd3a72d851d6f3440a6c4cc3d940190bdc9b6dd53a83d6 |
|
| Details | Threat Actor Identifier - APT | 783 | APT28 |
|
| Details | Url | 1 | https://www.wired.com/story/viasat-internet-hack-ukraine-russia |
|
| Details | Url | 1 | https://www.cisa.gov/uscert/ncas/alerts/aa22-076a |
|
| Details | Url | 1 | https://media.defense.gov/2022/jan/25/2002927101/-1/-1/0/csa_protecting_vsat_communications_01252022.pdf |
|
| Details | Url | 1 | https://www.airforcemag.com/hackers-attacked-satellite-terminals-through-management-network-viasat-officials-say |
|
| Details | Url | 1 | https://nps.edu/documents/104517539/104522593/relief12-4_qlr.pdf/9cc03d09-9af4-410e-b601-a8bffdae0c30 |
|
| Details | Url | 1 | https://www.reuters.com/business/media-telecom/exclusive-hackers-who-crippled-viasat-modems-ukraine-are-still-active-company-2022-03-30 |
|
| Details | Url | 2 | https://www.viasat.com/about/newsroom/blog/ka-sat-network-cyber-attack-overview |
|
| Details | Url | 6 | https://blog.talosintelligence.com/2018/05/vpnfilter.html |
|
| Details | Url | 1 | https://blog.talosintelligence.com/2018/06/vpnfilter-update.html?m=1 |
|
| Details | Url | 1 | https://blog.talosintelligence.com/2018/09/vpnfilter-part-3.html |
|
| Details | Url | 4 | https://www.ncsc.gov.uk/files/cyclops-blink-malware-analysis-report.pdf |
|
| Details | Url | 2 | https://www.trendmicro.com/en_us/research/21/a/vpnfilter-two-years-later-routers-still-compromised-.html |
|
| Details | Url | 4 | https://www.cisa.gov/uscert/ncas/alerts/aa22-054a |