AridViper – Do You KNOW This Threat Actor?

Security researchers uncovered a deadly malware while tracking this threat actor.

Post by Rajarshi Mitra Dec 23, 2020

As per KNOW – Netenrich’s cybersecurity news aggregator and threat intel dashboard – AridViper, aka Desert Falcon, is the second most trending threat actor of the last seven days.

Let’s use our threat intel dashboard and find out what’s happening behind the scenes.

AridViper: Who are they?

AridViper is an Arabic-based APT group operating out of Palestine, Egypt, and Turkey. Their victims include military and government organizations, health organizations, economic and financial institutions, leading media entities, research and educational institutions, energy and utility providers, activists, and political leaders.

Why is AridViper trending?

Security researchers from Palo Alto Networks’ Unit 42 division recently discovered PyMICROPSIA, an info-stealing trojan that currently targets Windows. It is so named because it belongs to the MICROPSIA family and is written in Python.

The malware’s capabilities include data theft, file deletion, taking screenshots, audio recording, and command execution.

The researchers found this malware while tracking AridViper’s activities.

AridViper references from KNOW

  • Total references: 130
  • Last 60 days: 99
  • Previous 7 days: 54

AridViper threat context from KNOW

  • Risk rules triggered: 7 out of 48
  • Intrusion method: Credential stealing
  • Campaigns: Operation Parliament
  • Related intrusion methods: Phishing, Spam, Scam, ShellCode, Malicious Android App, Infection chain, DLL Side Loading, and 7 more.
  • Most recent sandbox sighting: Hybrid Analysis result for ‘http://flushupdate.com/’

Using KNOW to protect yourself from Threat Actors

KNOW first. Act fast.

Apart from being a news aggregator, KNOW is also a threat intel dashboard that gives you the relevant insights from the global threat landscape. Netenrich delivers actionable solutions with the help of resolution intelligence and a combination of threat and attack surface intelligence to effectively address the following pain points:

  • Your organization’s attack surface is growing faster than your SecOps team and budget.
  • Threat actors can see exposed assets that lie outside your security’s purview.
  • There is a severe lack of talent, and skill gaps are getting wider than ever before.
  • Attacks are more frequent, and it only takes one to inflict severe, irreversible damage on your organization and business reputation.

About the Author

Rajarshi Mitra

Rajarshi is a creative and accomplished writer who made his mark in the blockchain space before stepping into cybersecurity. When he is not working, he is busy chilling with his wife and cat.
