[threat-actors] Add Cyber Toufan

2024-11-22 23:07:19 +00:00 · 2024-01-08 05:23:29 -08:00 · 2024-01-08 05:23:29 -08:00 · 1669da1661
commit 1669da1661
parent 09b90261ee
1 changed files with 15 additions and 0 deletions
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@ -14000,6 +14000,21 @@
      },
      "uuid": "179deaab-12d2-4371-b499-51b925546a22",
      "value": "Threatsec"
+    },
+    {
+      "description": "Cyber Toufan is a threat actor group that has gained prominence for its cyberattacks targeting Israeli organizations. The group's tactics suggest potential nation-state backing, possibly from Iran. They have been involved in hack-and-leak operations, data breaches, and data destruction, impacting over 100 organizations. Cyber Toufan's activities align with geopolitical tensions in the Middle East and their attacks are characterized by a combination of technical breaches and psychological warfare.",
+      "meta": {
+        "country": "IR",
+        "refs": [
+          "https://www.darkreading.com/cyberattacks-data-breaches/-cyber-toufan-hacktivists-leaked-100-plus-israeli-orgs-in-one-month",
+          "https://socradar.io/dark-web-profile-cyber-toufan-al-aqsa/",
+          "https://research.checkpoint.com/2023/11th-december-threat-intelligence-report/",
+          "https://blog.polyswarm.io/2023-recap-cyber-activity-in-the-gaza-conflict",
+          "https://www.securityweek.com/palestinian-hackers-hit-100-israeli-organizations-in-destructive-attacks/"
+        ]
+      },
+      "uuid": "3decddc7-e554-48d8-8304-38b243fc9ccb",
+      "value": "Cyber Toufan"
    }
  ],
  "version": 296