BlackSuit
Reports
4
First seen
Apr 10
Last seen
Jun 1
Motivation
financial
Top ATT&CK techniques
T1110 Brute Force ×2T1021 Remote Services ×2T1087 Account Discovery ×2T1486 Data Encrypted for Impact ×2T1566 Phishing ×2T1078 Valid Accounts ×2T1021.001 Remote Services: Remote Desktop Protocol ×1T1555 Credentials from Password Stores ×1T1003 OS Credential Dumping ×1T1018 Remote System Discovery ×1T1569.002 System Services: Service Execution ×1T1562 Impair Defenses ×1
Indicators
filename ×49cve ×35domain ×6ip_v4 ×2hash_sha1 ×1hash_sha256 ×1
Indicator values are available on Pro and via the API.
Associated CVEs
CVE-2024-40766 (exploited)CVE-2024-47575 (exploited)CVE-2024-50383 (exploited)CVE-2025-59199CVE-2026-0257 (exploited)CVE-2026-1402CVE-2026-2332CVE-2026-27771CVE-2026-32996CVE-2026-32997CVE-2026-3593CVE-2026-40933CVE-2026-41089 (exploited)CVE-2026-4115CVE-2026-4480CVE-2026-44930CVE-2026-44962CVE-2026-45659CVE-2026-46775CVE-2026-46839
Recent reports
High