DEV-0586 (a5f64c1a-c829-4855-903d-e0ff2098b2d7)
MSTIC has not found any notable associations between this observed activity, tracked as DEV-0586, and other known activity groups. MSTIC assesses that the malware (WhisperGate), which is designed to look like ransomware but lacking a ransom recovery mechanism, is intended to be destructive and designed to render targeted devices inoperable rather than to obtain a ransom.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| DEV-0586 (a5f64c1a-c829-4855-903d-e0ff2098b2d7) | Threat Actor | Cadet Blizzard (7f190457-6829-55c4-9b6b-bccdadb747cb) | Microsoft Activity Group actor | 1 |