From 11eca69ebc0d8ad14bf22f7eec7f0cf0731b949c Mon Sep 17 00:00:00 2001
From: Rony <rony_123@protonmail.ch>
Date: Sat, 7 May 2022 12:40:35 +0530
Subject: [PATCH] chg: [threat-actor] added Curious Gorge

---
 clusters/threat-actor.json | 27 ++++++++++++++++++++++++++-
 1 file changed, 26 insertions(+), 1 deletion(-)

diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 5bba42c..2676e58 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -9198,7 +9198,32 @@
       },
       "uuid": "bee8b09c-07e5-4c12-94d6-266ebcb1ec24",
       "value": "UNC3524"
+    },
+    {
+       "description": "Curious Gorge, a group TAG attributes to China's PLA SSF, has conducted campaigns against government and military organizations in Ukraine, Russia, Kazakhstan, and Mongolia. The actor has remained active against government, military, logistics and manufacturing organizations in Ukraine, Russia and Central Asia. In Russia, long running campaigns against multiple government organizations have continued, including the Ministry of Foreign Affairs. Over the past week, TAG identified additional compromises impacting multiple Russian defense contractors and manufacturers and a Russian logistics company.",
+       "meta": {
+         "cfr-suspected-victims":[
+           "Ukraine",
+           "Russia",
+           "Kazakhstan",
+           "Mongolia"
+         ],
+         "cfr-target-category": [
+           "Government",
+           "Military",
+           "Logistics",
+           "Defense Contractor"
+         ],
+         "cfr-type-of-incident": "Espionage",
+         "country": "CN",
+         "refs": [
+           "https://blog.google/threat-analysis-group/tracking-cyber-activity-eastern-europe",
+           "https://blog.google/threat-analysis-group/update-on-cyber-activity-in-eastern-europe/"
+        ]
+       },
+       "uuid": "6ee284d9-2742-4468-851c-a61366cc9a20",
+       "value": "Curious Gorge"
     }
   ],
-  "version": 221
+  "version": 222
 }