Endurance
Description
Endurance is a destructive ransomware variant first observed in 2023, developed and operated by the threat actor known as IntelBroker (also referred to as Butler Spider). Rather than encrypting files for decryption, it functions primarily as a data wiper, overwriting file contents, appending randomized filenames, and then deleting the files altogether. The source code for the malware was intentionally made public by the operator, indicating its use as both a tool and a statement. Endurance was used in high-profile breaches, including targeting government agencies, large enterprises, and telecommunications providers.
External Analysis |
https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/endurance |
https://www.mphasis.com/content/dam/mphasis-com/global/en/home/services/cybersecurity/june-21-12-the-intelbroker-data-leak-threat-actor.pdf |
https://en.wikipedia.org/wiki/IntelBroker |
https://www.crowdstrike.com/adversaries/butler-spider/ |
Urls |
Screen |
http://h44jyyfomcbnnw5dha7zgwgkvpzbzbdyx2onu4fxaa5smxrgbjgq7had.onion/ |
Screen |