SYMBOL | COMMON_NAME | aka. SYNONYMS |
MSTIC has not found any notable associations between this observed activity, tracked as DEV-0586, and other known activity groups. MSTIC assesses that the malware (WhisperGate), which is designed to look like ransomware but lacking a ransom recovery mechanism, is intended to be destructive and designed to render targeted devices inoperable rather than to obtain a ransom.
There are currently no families associated with this actor.
2023-06-14
⋅
Microsoft
⋅
Cadet Blizzard emerges as a novel and distinct Russian threat actor p0wnyshell reGeorg WhisperGate DEV-0586 SaintBear |
2022-07-18
⋅
Palo Alto Networks Unit 42
⋅
Ruinous Ursa WhisperGate DEV-0586 |
2022-02-28
⋅
Microsoft
⋅
Cyber threat activity in Ukraine: analysis and resources CaddyWiper DesertBlade DoubleZero HermeticWiper INDUSTROYER2 IsaacWiper PartyTicket WhisperGate DEV-0586 |
2022-01-15
⋅
Microsoft
⋅
Destructive malware targeting Ukrainian organizations (DEV-0586) WhisperGate DEV-0586 |