HOMETHREATSPrivetSanya
APT / THREAT GROUP

PrivetSanya

2
aliases
Last seen:Mar 17, 2026

Intelligence Profile

Black Lotus Labs identified malware for the Windows Subsystem for Linux (WSL). Mostly written in Python but compiled as Linux ELF files.

Threat Analysis

PrivetSanya is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.

External References

Quick Facts

TypeAPT / Threat Group
Aliases2

Also Known As

elf.privet_sanyaPrivetSanya

External Intelligence

Malpedia: elf.privet_sanya

Research Links

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.
PrivetSanya — APT / Threat Group | Threat Intelligence | CTIWATCH.COM