Uptime Hamster: 15d 12h 12mDeploy: 13 Jul 2026 08:04Updated: 2026-07-13
Logo del actor de amenaza RUBYCARP

RUBYCARP

0 incidentes 0 paises 0 sectores apt RO Ultimo: -
Ver en IntelTracker → APTTrail →
RUBYCARP is a financially-motivated botnet group likely based in Romania, known for operating for at least a decade, though only recently attributed and profiled by Sysdig in early 2024. This group is distinguished by its primary objective of financial gain through extensive cryptomining, distributed denial-of-service (DDoS) attacks, and targeted phishing campaigns. Unlike state-sponsored groups, RUBYCARP focuses on illicit monetization and has developed a unique operational model that includes mentoring new cybercriminals and selling their custom toolsets. While sometimes loosely associated with the Outlaw APT due to shared common tactics, techniques, and procedures, this connection is not definitive, and RUBYCARP operates as a distinct criminal entity.
Tecnicas MITRE
T1071.001, T1110 - Brute Force, T1110, T1071, T1059, T1078
CVEs relacionadas
CVE-2024-3094, CVE-2021-3129
Tipo
apt
Pais origen
RO
Motivacion
-
Impacto
11
Actualizado
Sat, 27 Ap

Sectores objetivo (SOCRadar)

Transportation&WarehousingFinanceData Processing ServicesDelivery Services