← All Threat Actors
Threat Actor Profile

Storm-1811

G1046
▲ High Threat
WordPress Ecosystem Mass Exploitation, Automated Credential Harvesting Campaign
Origin
Motivation Financial gain through credential theft, website hijacking, and the exploitation of web assets for secondary monetization.

Target Sectors

WordPress-based websites Small-to-medium businesses (SMBs) E-commerce platforms Web hosting services

Known TTPs

Credential stuffing
Exploitation of known vulnerabilities (CVEs)
Automated vulnerability scanning
Exploitation of WordPress plugins
Malicious content injection
Brute-force attacks

External Resources

CISA Advisories ↗

Related Intelligence

Hacking the mainframe…

LINK COPIED TO CLIPBOARD