From 1ebe75d3fefb9a4620cf474e30fe13ce3f53aa03 Mon Sep 17 00:00:00 2001
From: Mathieu4141 <mathieu@feedly.com>
Date: Wed, 31 Jul 2024 02:14:11 -0700
Subject: [PATCH] [threat-actors] Add Hive0137

---
 clusters/threat-actor.json | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 79ba1d4..805ed89 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -16501,6 +16501,16 @@
       },
       "uuid": "8191e28a-fb2d-4d50-b992-b877807a2f37",
       "value": "UNC4393"
+    },
+    {
+      "description": "Being one of the most active malware distributors, Hive0137 demonstrates a willingness to explore new payloads and technologies such as GenAI. They have quickly moved onto the same level as other high-profile distributors such as TA577, and will likely be responsible for future phishing campaigns, facilitating initial access for ransomware affiliates. Hive0137’s combination of intent, capabilities and relationships with other groups presents a direct threat to organizations all over the world. As threat actors pick up the pace and increasingly adopt AI technologies for malicious purposes, it is important that organizations are aware of the most recent threats and their capabilities to maintain a strong security posture.",
+      "meta": {
+        "refs": [
+          "https://securityintelligence.com/x-force/hive0137-on-ai-journey/"
+        ]
+      },
+      "uuid": "34f2d3ad-e367-4058-a10b-1f7a4274c418",
+      "value": "Hive0137"
     }
   ],
   "version": 312