CoreInjection is a financially motivated threat actor that emerged in March 2025, quickly gaining prominence on underground forums through the sale of stolen network access and sensitive data. This actor specializes in targeting Israeli entities and has a notable pattern of listing detailed proofs, including screenshots, to substantiate their claims on platforms such as BreachForums. CoreInjection's operations are characterized by their focus on monetizing compromised credentials and internal data, often blending legitimate evidence with potentially misleading claims to inflate the scope of their intrusions.
CVEs relacionadas
CVE-2024-24919
Tipo
apt
Pais origen
IL
Motivacion
-
Impacto
37
Actualizado
Tue, 01 Ap
Paises objetivo (SOCRadar)
AustraliaIsraelKenyaNetherlandsUnited States
Sectores objetivo (SOCRadar)
Construction of BuildingsFood ManufacturingOther Information ServicesMonetary Authorities-Central BankSoftware PublishersManufacturingConstructionElectrical Equipment, Appliance, and Component ManufacturingPublic AdministrationData Processing Services