Storm-0324Storm-0324

Also known as: DEV-0324 · Sagrid · TA543 · Storm-0324

Known aliases
4

Profile

The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently lead to ransomware deployment.

Aliases· 4

DEV-0324SagridTA543Storm-0324

References

  1. https://www.microsoft.com/en-us/security/blog/2023/09/12/malware-distributor-storm-0324-facilitates-ransomware-access/
  2. https://www.proofpoint.com/us/blog/threat-insight/jssloader-recoded-and-reloaded

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
Storm-0826
Actor
Storm-2372
Actor
Storm-0249
Actor
Storm-0381
Actor
Storm-0539
Actor
Storm-2603
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.