Denim Tsunami

Also known as: Denim Tsunami · KNOTWEED · DSIRF

Profile

Denim Tsunami is a threat actor group that has been involved in targeted attacks against European and Central American customers. They have been observed using multiple Windows and Adobe 0-day exploits, including one for CVE-2022-22047, which is a privilege escalation vulnerability. Denim Tsunami developed a custom malware called Subzero, which has capabilities such as keylogging, capturing screenshots, data exfiltration, and running remote shells. They have also been associated with the Austrian spyware distributor DSIRF.

Aliases · 3

Denim Tsunami · KNOTWEED · DSIRF

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor: Velvet Tempest
Actor: Carmine Tsunami
Actor: DarkHotel
Actor: DefrayX
Actor: Lilac Typhoon
Actor: DarkPink

Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.