Storm-1084 is a threat actor attributed to IR, also known as DEV-1084. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does Storm-1084 exploit?

Specific CVE exploitation data for Storm-1084 is being tracked. Check the Strobes VI threat actor profile for updates.

Storm-1084

Also known as: DEV-1084

Exploited CVEs

Overview

Storm-1084 is a threat actor that has been observed collaborating with the MuddyWater group. They have used the DarkBit persona to mask their involvement in targeted attacks. Storm-1084 has been linked to destructive actions, including the encryption of on-premise devices and deletion of cloud resources. They have been observed using tools such as Rport, Ligolo, and a customized PowerShell backdoor. The extent of their autonomy or collaboration with other Iranian threat actors is currently unclear.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database

Quick Actions