Void Blizzard

Also known as Laundry Bear
Reports
3
First seen
Feb 19
Last seen
Jun 11
Motivation
espionage

Targeting

Victim regions
United States ×1

Top ATT&CK techniques

T1005 Data from Local System ×2T1078 Valid Accounts ×2T1110 Brute Force ×2T1047 Windows Management Instrumentation ×1T1190 Exploit Public-Facing Application ×1T1041 Exfiltration Over C2 Channel ×1T1557 Man-in-the-Middle ×1T1071 Application Layer Protocol ×1T1021 Remote Services ×1T1090 Proxy ×1T1621 Multi-Factor Authentication Interception ×1T1059 Command and Scripting Interpreter ×1

Indicators

cve ×11filename ×7domain ×5url ×3email ×1ip_v4 ×1

Indicator values are available on Pro and via the API.

Associated CVEs

Recent reports

This page shows data on a 7-day delay. Free accounts get the full delayed feed; real-time reports, indicators, and the API start at $29/mo.