SYMBOL | COMMON_NAME | aka. SYNONYMS |
MSTIC has not found any notable associations between this observed activity, tracked as DEV-0586, and other known activity groups. MSTIC assesses that the malware (WhisperGate), which is designed to look like ransomware but lacking a ransom recovery mechanism, is intended to be destructive and designed to render targeted devices inoperable rather than to obtain a ransom.
There are currently no families associated with this actor.
2022-07-18 ⋅ Palo Alto Networks Unit 42 ⋅ Ruinous Ursa WhisperGate DEV-0586 |
2022-02-28 ⋅ Microsoft ⋅ Cyber threat activity in Ukraine: analysis and resources CaddyWiper DesertBlade DoubleZero HermeticWiper INDUSTROYER2 IsaacWiper PartyTicket WhisperGate DEV-0586 |
2022-01-15 ⋅ Microsoft ⋅ Destructive malware targeting Ukrainian organizations (DEV-0586) WhisperGate DEV-0586 |