Threat Hunting Report: CyberVolk

The CyberVolk group is actively developing and deploying ransomware, potentially targeting organizations based on geopolitical motivations.

CyberVolk | A Deep Dive into the Hacktivists, Tools and Ransomware Fueling Pro-Russian Cyber Attacks

T1566 – CyberVolk has been observed utilizing phishing emails and LinkedIn messages to distribute malicious links to targets.

T1490 – The ransomware terminates processes associated with Microsoft Management Console (MMC) or Task Manager.

T1486 – The ransomware displays a payment screen with a decryption timer and payment details, including BTC and USDT options. The ransom amount is set to $1000.00, and the timer is set to 5 hours.
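A hunt for the process-termination behavior listed under T1490 above, as an added example that is not part of the original report. It assumes Sysmon Event ID 10 (ProcessAccess) telemetry already parsed into dictionaries; the hosts, source paths, allowlist and `min_hits` threshold are constructed for illustration.

```python
from collections import Counter
from ntpath import basename  # parses Windows paths on any OS

PROCESS_TERMINATE = 0x0001  # access right required to terminate a process
WATCHED_TARGETS = {"taskmgr.exe", "mmc.exe"}
# Assumption: sources expected to hold terminate rights on these targets.
ALLOWED_SOURCES = {r"c:\windows\system32\csrss.exe"}

# Constructed events with Sysmon Event ID 10 field names; hosts and paths are made up.
TEMP_EXE = r"C:\Users\alice\AppData\Local\Temp\viewer.exe"
TASKMGR = r"C:\Windows\System32\Taskmgr.exe"
SAMPLE_EVENTS = [
    {"Computer": "WS01", "SourceImage": TEMP_EXE, "TargetImage": TASKMGR, "GrantedAccess": "0x1"},
    {"Computer": "WS01", "SourceImage": TEMP_EXE, "TargetImage": r"C:\Windows\System32\mmc.exe", "GrantedAccess": "0x1"},
    {"Computer": "WS01", "SourceImage": TEMP_EXE, "TargetImage": TASKMGR, "GrantedAccess": "0x1fffff"},
    {"Computer": "WS01", "SourceImage": r"C:\Windows\System32\csrss.exe", "TargetImage": TASKMGR, "GrantedAccess": "0x1fffff"},
    {"Computer": "WS01", "SourceImage": r"C:\Windows\explorer.exe", "TargetImage": TASKMGR, "GrantedAccess": "0x1000"},
    {"Computer": "WS01", "SourceImage": TEMP_EXE, "TargetImage": r"C:\Windows\System32\notepad.exe", "GrantedAccess": "0x1"},
    {"Computer": "WS02", "SourceImage": r"C:\Tools\admin_helper.exe", "TargetImage": TASKMGR, "GrantedAccess": "0x1"},
]

def requests_terminate(granted_access):
    """True when the GrantedAccess mask includes PROCESS_TERMINATE."""
    return (int(granted_access, 16) & PROCESS_TERMINATE) != 0

def hunt(events, min_hits=2):
    """Count terminate-capable handles opened on watched targets.

    Returns {(host, source_image): hits} for sources seen at least
    min_hits times, which cuts one-off noise from admin tooling.
    """
    hits = Counter()
    for ev in events:
        source = ev["SourceImage"].lower()
        target = basename(ev["TargetImage"]).lower()
        if target not in WATCHED_TARGETS or source in ALLOWED_SOURCES:
            continue
        if requests_terminate(ev["GrantedAccess"]):
            hits[(ev["Computer"], source)] += 1
    return {key: n for key, n in hits.items() if n >= min_hits}

if __name__ == "__main__":
    for (host, source), n in hunt(SAMPLE_EVENTS).items():
        print(f"{host}: {source} opened watched tools with terminate rights {n}x")
```

A terminate-capable handle shows intent to be able to kill the process, not that it was killed, so treat hits as leads to correlate with the target process exiting shortly afterwards.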