Storm-1516
Also known as CopyCop
Reports
3
First seen
Oct 1
Last seen
Mar 2
Motivation
information_operations, information operations, disinformation
Targeting
Sectors
other ×1
Top ATT&CK techniques
T1566 Phishing ×3T1003 OS Credential Dumping ×2T1041 Exfiltration Over C2 Channel ×2T1486 Data Encrypted for Impact ×2T1498 Network Denial of Service ×2T1190 Exploit Public-Facing Application ×2T1598 Phishing for Information ×2T1059 Command and Scripting Interpreter ×2T1195 Supply Chain Compromise ×1T1133 External Remote Services ×1T1078 Valid Accounts ×1T1568 Dynamic Resolution ×1
Indicators
cve ×18filename ×2domain ×1
Indicator values are available on Pro and via the API.
Associated CVEs
CVE-2020-12812 (exploited)CVE-2025-14174 (exploited)CVE-2025-20333 (exploited)CVE-2025-20352 (exploited)CVE-2025-20362 (exploited)CVE-2025-26399 (exploited)CVE-2025-40551 (exploited)CVE-2025-43300 (exploited)CVE-2025-43529 (exploited)CVE-2025-55177 (exploited)CVE-2025-55182 (exploited)CVE-2025-55241CVE-2025-59718 (exploited)CVE-2025-59719 (exploited)CVE-2026-1281 (exploited)CVE-2026-1340 (exploited)CVE-2026-21509 (exploited)CVE-2026-22769 (exploited)
Recent reports
High