Storm-1567 is a threat actor, also known as GOLD SAHARA, Akira, PUNK SPIDER. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does Storm-1567 exploit?

Specific CVE exploitation data for Storm-1567 is being tracked. Check the Strobes VI threat actor profile for updates.

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001

Storm-1567

Also known as: GOLD SAHARA, Akira, PUNK SPIDER

Exploited CVEs

Overview

Storm-1567 is the threat actor behind the Ransomware-as-a-Service Akira. They attacked Swedish organizations in March 2023. This ransomware utilizes the ChaCha encryption algorithm, PowerShell, and Windows Management Instrumentation (WMI). Microsoft's Defender for Endpoint successfully blocked a large-scale hacking campaign carried out by Storm-1567, highlighting the effectiveness of their security solution.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database