Tag: vasa locker

1 attack reports | 0 vulnerabilities

Attack reports

Head Mare: adventures of a unicorn in Russia and Belarus

Published: September 2, 2024

Head Mare is a hacktivist group targeting companies in Russia and Belarus since 2023. They use phishing campaigns exploiting the CVE-2023-38831 vulnerability in WinRAR for initial access. Their toolkit includes custom malware like PhantomDL and PhantomCore, as well as publicly available tools like …

Downloadable IOCs 52

phishing

ransomware

russia

belarus

lockbit

CVE-2023-38831

2024-09-02

babuk

vasa locker

phantomdl

phantomcore

babyk

hacktivists

» Click here to see all Attack Reports «