RU
TA577TA577
Also known as: Hive0118 · TA577
Origin
RU
Known aliases
2
Profile
TA577 is a prolific cybercrime threat actor tracked by Proofpoint since mid-2020. This actor conducts broad targeting across various industries and geographies, and Proofpoint has observed TA577 deliver payloads including Qbot, IcedID, SystemBC, SmokeLoader, Ursnif, and Cobalt Strike.
Aliases· 2
Hive0118TA577
Compliance frameworks testing this (incoming)5
| Type | Target | Confidence | Tier |
|---|---|---|---|
| ComplianceControl | pci_dss_v4-r2 | 100% | live |
| ComplianceControl | pci_dss_v4-r6 | 100% | live |
| ComplianceControl | tiber_eu-generic | 100% | live |
| ComplianceControl | cra-art14 | 100% | live |
| ComplianceControl | ai_act-art73 | 100% | live |
References
- https://www.proofpoint.com/us/blog/threat-insight/first-step-initial-access-leads-ransomware
- https://thehackernews.com/2021/06/ransomware-attackers-partnering-with.html
- https://www.itpro.com/security/ransomware/359919/ransomware-criminals-look-to-other-hackers-to-provide-them-with-network
- https://exchange.xforce.ibmcloud.com/threat-group/guid:1dda890fa2662ed26b451c703e922315
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.