From 240a757826ef6870c8d09ea6c943ba606269f661 Mon Sep 17 00:00:00 2001 From: Daniel Plohmann Date: Wed, 13 Jul 2022 10:02:07 +0200 Subject: [PATCH] Update threat-actor.json adding Predatory Sparrow due to recent events. --- clusters/threat-actor.json | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index 5dd0a53..5e8eb7b 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -9569,7 +9569,31 @@ }, "uuid": "3c5129ea-8f18-4bcf-a33b-b5aab0720494", "value": "POLONIUM" + }, + { + "description": "A self-proclaimed hacktivist group that carried out attacks against Iranian railway systems and against Iranian steel plants.", + "meta": { + "cfr-suspected-victims": [ + "Iran" + ], + "cfr-target-category": [ + "Critical manufacturing", + "Transportation systems" + ], + "cfr-type-of-incident": "Sabotage", + "refs": [ + "https://www.bbc.com/news/technology-62072480", + "https://twitter.com/_cpresearch_/status/1541753913732366338", + "https://research.checkpoint.com/2021/indra-hackers-behind-recent-attacks-on-iran/" + ], + "synonyms": [ + "Indra", + "Gonjeshke Darande" + ] + }, + "uuid": "e665ac2f-87b4-4c2e-bef7-78bf0a8af87b", + "value": "Predatory Sparrow" } ], - "version": 230 + "version": 231 }