diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index 38a35ba..b50e58e 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -16849,6 +16849,17 @@ }, "uuid": "28157c93-0b9f-4341-983a-3a521cee12bb", "value": "DragonRank" + }, + { + "description": "Vice Spider is a Russian-speaking ransomware group that has been active since at least April 2021 and is linked to a significant increase in identity-based attacks, with a reported 583% rise in Kerberoasting incidents. CrowdStrike attributes 27% of these intrusions specifically to Vice Spider, which exploits vulnerabilities in the Kerberos authentication protocol to crack user passwords.", + "meta": { + "country": "RU", + "refs": [ + "https://www.techtarget.com/searchsecurity/news/366547445/CrowdStrike-observes-massive-spike-in-identity-based-attacks" + ] + }, + "uuid": "2be3426b-c216-499f-b111-6694e96918f7", + "value": "VICE SPIDER" } ], "version": 315