endurance details

Description

Endurance is a destructive ransomware variant first observed in 2023, developed and operated by the threat actor known as IntelBroker (also referred to as Butler Spider). Rather than encrypting files for decryption, it functions primarily as a data wiper, overwriting file contents, appending randomized filenames, and then deleting the files altogether. The source code for the malware was intentionally made public by the operator, indicating its use as both a tool and a statement. Endurance was used in high-profile breaches, including targeting government agencies, large enterprises, and telecommunications providers.

External Analysis
https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/endurance
https://www.mphasis.com/content/dam/mphasis-com/global/en/home/services/cybersecurity/june-21-12-the-intelbroker-data-leak-threat-actor.pdf
https://en.wikipedia.org/wiki/IntelBroker
https://www.crowdstrike.com/adversaries/butler-spider/

External Analysis

https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/endurance

https://www.mphasis.com/content/dam/mphasis-com/global/en/home/services/cybersecurity/june-21-12-the-intelbroker-data-leak-threat-actor.pdf

https://en.wikipedia.org/wiki/IntelBroker

https://www.crowdstrike.com/adversaries/butler-spider/

Url	Status	Screen	Uptime 30d	Health
http://h44jyyfomcbnnw5dha7zgwgkvpzbzbdyx2onu4fxaa5smxrgbjgq7had.onion/	Down		—

Url

Status

Screen

Uptime 30d

Health

http://h44jyyfomcbnnw5dha7zgwgkvpzbzbdyx2onu4fxaa5smxrgbjgq7had.onion/

Down

—