About this actor
[Storm-0501](https://attack.mitre.org/groups/G1053) is a financially motivated cyber criminal group that uses commodity and open-source tools to conduct ransomware operations. [Storm-0501](https://attack.mitre.org/groups/G1053) has been active since 2021 and has previously been affiliated with Sabbath Ransomware and other Ransomware-as-a-Service (RaaS) variants such as Hive, [BlackCat](https://attack.mitre.org/software/S1068), Hunters International, [LockBit 3.0](https://attack.mitre.org/software/S1202), and [Embargo](https://attack.mitre.org/software/S1247) ransomware.(Citation: Avertium Storm-0501 Sabbath Ransomware Arcane January 2022)(Citation: Microsoft Storm-501 Sabbath Ransomware Embargo September 2024)(Citation: Microsoft Storm-0501 Embargo Ransomware August 2025)(Citation: Google Mandiant Storm-0501 Sabbath Ransomware November 2021)
Source: MITRE ATT&CK
Activity timeline
No activity events recorded.
Profile
| CVE | Risk | CVSS | EPSS | Published | Products |
|---|---|---|---|---|---|
| No attributed CVEs. | |||||
T1003T1003.006T1021T1021.006T1021.007T1027T1027.002T1036T1036.004T1053T1053.005T1057T1059T1059.001T1059.009T1078T1078.004T1082T1087T1087.002T1087.004T1098T1098.001T1098.003T1110T1190T1218T1218.010T1218.011T1219T1219.002T1482T1484T1484.001T1484.002T1485T1486T1490T1518T1518.001T1526T1530T1537T1552T1552.004T1555T1555.005T1555.006T1556T1556.009T1567T1567.002T1578T1578.003T1580T1587T1587.003T1588T1588.006T1614T1614.001T1657
Mitigating controls (NIST 800-53)
| Control | Techniques covered | Coverage |
|---|---|---|
SI-4 | 40 / 62 | 65% |
AC-3 | 38 / 62 | 61% |
AC-6 | 36 / 62 | 58% |
AC-2 | 35 / 62 | 56% |
CM-6 | 31 / 62 | 50% |
IA-2 | 30 / 62 | 48% |
AC-5 | 28 / 62 | 45% |
CM-7 | 27 / 62 | 44% |
CM-2 | 25 / 62 | 40% |
CM-5 | 23 / 62 | 37% |
SI-7 | 21 / 62 | 34% |
CA-7 | 19 / 62 | 31% |
IA-5 | 16 / 62 | 26% |
AC-4 | 15 / 62 | 24% |
RA-5 | 15 / 62 | 24% |
Co-occurring actors
None.
Similar actors
Similar TTPs
- Scattered Spider 0.27
- SolarWinds Compromise 0.22
- VOID MANTICORE 0.21
- BlackByte 0.20
- C0027 0.20