Who is UNK_RemoteRogue?

UNK_RemoteRogue is a threat actor attributed to RU. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does UNK_RemoteRogue exploit?

Specific CVE exploitation data for UNK_RemoteRogue is being tracked. Check the Strobes VI threat actor profile for updates.

UNK_RemoteRogue

Exploited CVEs

Overview

UNK_RemoteRogue is a suspected Russian threat actor that has been observed utilizing ClickFix in its infection chains, although this technique is not revolutionizing their operations but rather replacing existing installation methods. The group has a history of employing compromised intermediate mailservers, with specific infrastructure noted, such as the upstream concentrator at 80.66.66[.]197. Proofpoint recorded their use of ClickFix only once before they reverted to traditional campaigns that share similar characteristics, including targeting and infrastructure. UNK_RemoteRogue has been linked to phishing activities and has shown consistent patterns in its operational tactics.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database