Analysis of the BlackJack group: techniques, tools, and similarities with Twelve

The report examines the BlackJack hacktivist group targeting Russian organizations, focusing on their tools, techniques, and connections to the Twelve group. BlackJack employs freely available software like the Shamoon wiper and LockBit ransomware. Significant overlaps with Twelve include similar malware samples, identical file paths, and shared tactics. Both groups use network directories for malware distribution and scheduled tasks for execution. The analysis reveals a potential unified cluster of hacktivist activity against Russian targets, with no financial motives but aiming to cause maximum damage through data encryption, deletion, and theft.

Author: AlienVault

Related Tags:
twelve
Disttrack
Shamoon – S0140
T1078.003
T1561.002
T1569.002
T1078.002
T1053.005
T1021.002

Associated Indicators: