Strobes VIStrobes VI
CVE DatabaseThreat ActorsResearchAPI Docs
Visit Strobes.coSign Up for Strobes
CVE DatabaseThreat ActorsResearchAPI Docs
Tools
KB Lookup
Visit Strobes.coSign Up for Strobes

Do you like the insights?

Strobes vulnerability intelligence is a key component of their Exposure Management platform that helps organizations understand, prioritize, and address security vulnerabilities more effectively.

© 2026 Strobes Security. All rights reserved.
HomeThreat ActorsStorm-1674

Storm-1674

0
Exploited CVEs
Overview

Storm-1674 is an access broker known for using tools based on the publicly available TeamsPhisher tool to distribute DarkGate malware. Storm-1674 campaigns have typically relied on phishing lures sent over Teams with malicious attachments, such as ZIP files containing a LNK file that ultimately drops DarkGate and Pikabot. In September 2023, Microsoft observed handoffs from Storm-1674 to ransomware operators that have led to Black Basta ransomware deployment.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database
Quick Actions
Search related CVEsBrowse all threat actors