Who is Mustard Tempest?

Mustard Tempest is a threat actor, also known as DEV-0206, Purple Vallhund. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does Mustard Tempest exploit?

Specific CVE exploitation data for Mustard Tempest is being tracked. Check the Strobes VI threat actor profile for updates.

Mustard Tempest

Also known as: DEV-0206, Purple Vallhund

Exploited CVEs

Overview

Mustard Tempest is a threat actor that primarily uses malvertising as their main technique to gain access to and profile networks. They deploy FakeUpdates, disguised as browser updates or software packages, to lure targets into downloading a ZIP file containing a JavaScript file. Once executed, the JavaScript framework acts as a loader for other malware campaigns, often Cobalt Strike payloads. Mustard Tempest has been associated with the cybercrime syndicate Mustard Tempest, also known as EvilCorp, and has been involved in ransomware attacks using payloads such as WastedLocker, PhoenixLocker, and Macaw.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database

Quick Actions