[threat-actors] Add IntelBroker

clusters/threat-actor.json

@@ -16283,6 +16283,19 @@
       },
       "uuid": "46ef6903-deac-415a-afaf-97e3ce067d7e",
       "value": "HellHounds"
+    },
+    {
+      "description": "IntelBroker is a threat actor known for orchestrating high-profile data breaches targeting companies like Apple, Zscaler, and Facebook Marketplace. They have a reputation for selling access to compromised systems and data on underground forums like BreachForums. IntelBroker has claimed responsibility for breaches involving government agencies such as Europol, the U.S. Department of Transportation, and the Pentagon, leaking sensitive information and classified documents. The actor has been linked to breaches at companies like Acuity, General Electric, and Home Depot, showcasing a pattern of targeting critical infrastructure and major corporations.",
+      "meta": {
+        "refs": [
+          "https://www.cysecurity.news/2024/06/infamous-hacker-intelbroker-breaches.html",
+          "https://www.malwarebytes.com/blog/news/2024/06/was-t-mobile-compromised-by-a-zero-day-in-jira",
+          "https://securityaffairs.com/164263/cyber-crime/pandabuy-extorted-again.html",
+          "https://meterpreter.org/cybersecurity-firm-hacked-sensitive-data-on-sale/"
+        ]
+      },
+      "uuid": "849d16c8-eaa3-46e7-9c1c-179ef680922e",
+      "value": "IntelBroker"
     }
   ],
   "version": 312