Ransomware: Activity Levels Remain High Despite Disruption
Essential information
- Published
- 11/07/2024 13:06
- Modified
- 11/07/2024 13:35
- Tags
- 2024-07-11 CVE-2024-4577 akira alphv blackcat blacksuit cyclops blink disruption encryption lockbit noberus phobos qilin ransomware tellyouthepass vulnerability warp av killer
- Related entities
- 1 vulnerabilities (cve), 27 observables, 16 techniques (mitre), 12 malware
Description
Related entities
Vulnerabilities, IOCs, intrusion sets, MITRE techniques and other entities referenced in this report.
Vulnerabilities (CVE) (1)
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system …
- Attack vector
- Network
- Published
- 12/06/2024
- Modified
- 21/12/2025
Observables (27)
-
f572898ab9f9a0fabac77d5d388680f84f85f9eb2c01b4e5de426430c6b5008f -
f6afa84b0847414220bb15517b8b5e2c505b64b53efbba73b753379c66ac5017 -
ea59d6a130a279dfde4df53640bd720419c7b5d9711a21a78af9453b1b3b5805 -
bef2d817f1813eb0629222112fd3721865a2a4eb1f4d51ad1f09fd807d4380ab -
d18453e564ca27514227478f225d85811fe15d08aa5fb1f613022c43155c5c54 -
aa43f34c3fa67aea994c1babeb71b46c7b24eccaa0455ae21aa561e251e7cc4d -
aa0ef20f9f8ca111b0d8a550daf6651f5b0557f0acb0a26545755c5a02263a9b -
a702a671b7911a09ccb5b4f42923e8b301e0bbb851443dd52622022959a3055a -
88efa81984852dac62d325f2091a09de1e6423a711d7913aeac103c50664cf84 -
7d6877eb8a3e2da1e8b06e2ed41604c6c3d5ced8293f7cc7e760ba972303bd0e -
7101db8cb05e989c018ebc5df47819029cd76c4093b22c4582288795e46f6689 -
6fb438feeb8369c5b82bfaa77144a641f7645c321f0b24dd97cfe2687b1ebd44
Techniques (MITRE) (16)
-
Abuse Elevation Control Mechanism MITRE
-
Protocol Tunneling MITRE
-
Event Triggered Execution MITRE
-
Server Software Component MITRE
-
Service Stop MITRE
-
Data Encrypted for Impact MITRE
-
File and Directory Discovery MITRE
-
Create or Modify System Process MITRE
-
Process Injection MITRE
-
Network Denial of Service MITRE
-
Gather Victim Host Information MITRE
-
User Execution MITRE
Malware (12)
-
AlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
The MITRE Corporation Confidence 100
[Qilin](https://attack.mitre.org/software/S1242) ransomware is a Ransomware-as-a-Service (RaaS) that has been active since at least 2022 with versions written in Golang and Rust that are capable of targeting Windows or…
First seen 01/01/1970 · Last seen 16/11/5138 · -
AlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
AlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
AlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
Family
-
Family
-
AlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
The MITRE Corporation Confidence 100
[Akira](https://attack.mitre.org/software/S1129) ransomware, written in C++, is most prominently (but not exclusively) associated with the ransomware-as-a-service entity [Akira](https://attack.mitre.org/groups/G1024). [Akira](https://attack.mitre.org/software/S1129) ransomware has been used in attacks across North America, Europe,…
First seen 01/01/1970 · Last seen 16/11/5138 · -
Family
-
AlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
AlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·