VayGren and Mr.Burns: Strong Ties in Finance

216.73.217.98

VayGren and Mr.Burns: Strong Ties in Finance

· Published 10/07/2024 09:49 · Modified 10/07/2024 10:18

Essential information

Published: 10/07/2024 09:49
Modified: 10/07/2024 10:18
Tags: 2024-07-10 ave maria burnsrat metastealer purecrypter purelogs redline stealer teamviewer warzonerat
Related entities: 131 observables, 1 intrusion sets (apt), 31 techniques (mitre), 9 malware, 1 others

Description

F.A.C.C.T experts analyzed the tools and connections of cybercriminals attacking Russian accountants. An analysis of the infection chain of the VasyGrek attacker, his forum activity and connection with the malware developer Mr.Burns is presented. The history of Mr.Burns, starting in 2010, is given, as well as a description of the current version of the BurnsRAT malware, sold on forums and used in attacks on Russian companies.

Related entities

External references

https://www.facct.ru/blog/vasygrek-and-mr-burns/
https://otx.alienvault.com/pulse/668e59166cfc4e877eedb26c

VayGren and Mr.Burns: Strong Ties in Finance

Essential information

Description

Related entities

Observables (131)

Intrusion sets (APT) (1)

Techniques (MITRE) (31)

Malware (9)

Others (1)

External references