chg: [threat-actor] added Curious Gorge

2024-11-22 23:07:19 +00:00 · 2022-05-07 12:40:35 +05:30 · 2022-05-07 12:40:35 +05:30 · 11eca69ebc
commit 11eca69ebc
parent a315483a22
1 changed files with 26 additions and 1 deletions
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@ -9198,7 +9198,32 @@
      },
      "uuid": "bee8b09c-07e5-4c12-94d6-266ebcb1ec24",
      "value": "UNC3524"
+    },
+    {
+       "description": "Curious Gorge, a group TAG attributes to China's PLA SSF, has conducted campaigns against government and military organizations in Ukraine, Russia, Kazakhstan, and Mongolia. The actor has remained active against government, military, logistics and manufacturing organizations in Ukraine, Russia and Central Asia. In Russia, long running campaigns against multiple government organizations have continued, including the Ministry of Foreign Affairs. Over the past week, TAG identified additional compromises impacting multiple Russian defense contractors and manufacturers and a Russian logistics company.",
+       "meta": {
+         "cfr-suspected-victims":[
+           "Ukraine",
+           "Russia",
+           "Kazakhstan",
+           "Mongolia"
+         ],
+         "cfr-target-category": [
+           "Government",
+           "Military",
+           "Logistics",
+           "Defense Contractor"
+         ],
+         "cfr-type-of-incident": "Espionage",
+         "country": "CN",
+         "refs": [
+           "https://blog.google/threat-analysis-group/tracking-cyber-activity-eastern-europe",
+           "https://blog.google/threat-analysis-group/update-on-cyber-activity-in-eastern-europe/"
+        ]
+       },
+       "uuid": "6ee284d9-2742-4468-851c-a61366cc9a20",
+       "value": "Curious Gorge"
    }
  ],
-  "version": 221
+  "version": 222
 }