mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
[threat-actors] Add UAC-0118
This commit is contained in:
parent
cf7cdcbc2b
commit
228bbcc21d
1 changed files with 16 additions and 0 deletions
|
@ -13728,6 +13728,22 @@
|
|||
},
|
||||
"uuid": "e883458d-496f-4a94-b916-4b7b83e3d525",
|
||||
"value": "DEV-0569"
|
||||
},
|
||||
{
|
||||
"description": "From Russia with Love, is a threat actor group that emerged during the Russia-Ukraine war in 2022. They primarily engage in DDoS attacks and have targeted critical infrastructure, media, energy, and government entities. FRwL has been linked to the use of the Somnia ransomware, which they employ as a wiper rather than for financial gain. While there is no direct evidence linking FRwL to the Russian Main Intelligence Directorate, it is possible that they coordinate activities with state-aligned hacktivist groups.",
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://socprime.com/blog/somnia-malware-detection-uac-0118-aka-frwl-launches-cyber-attacks-against-organizations-in-ukraine-using-enhanced-malware-strains/",
|
||||
"https://spixnet.at/cybersecurity-blog/2022/11/15/russian-hacktivists-hit-ukrainian-orgs-with-ransomware-but-no-ransom-demands/",
|
||||
"https://outpost24.com/blog/ics-attack-classifications/"
|
||||
],
|
||||
"synonyms": [
|
||||
"FRwL",
|
||||
"FromRussiaWithLove"
|
||||
]
|
||||
},
|
||||
"uuid": "d869486a-ec70-4a74-897e-31aa7b3df48d",
|
||||
"value": "UAC-0118"
|
||||
}
|
||||
],
|
||||
"version": 295
|
||||
|
|
Loading…
Reference in a new issue