Storm-1084Storm-1084

Also known as: Storm-1084 · DEV-1084

Known aliases
2

Profile

Storm-1084 is a threat actor that has been observed collaborating with the MuddyWater group. They have used the DarkBit persona to mask their involvement in targeted attacks. Storm-1084 has been linked to destructive actions, including the encryption of on-premise devices and deletion of cloud resources. They have been observed using tools such as Rport, Ligolo, and a customized PowerShell backdoor. The extent of their autonomy or collaboration with other Iranian threat actors is currently unclear.

Aliases· 2

Storm-1084DEV-1084

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
Storm-1044
Actor
Storm-0826
Actor
Storm-1674
Actor
Storm-0940
Actor
Storm-1286
Actor
Storm-1283
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.