mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-29 18:27:19 +00:00
[threat-actors] Add TA406
This commit is contained in:
parent
aaf944a11c
commit
2567d6f1f8
1 changed files with 39 additions and 0 deletions
|
@ -10286,6 +10286,45 @@
|
|||
},
|
||||
"uuid": "85f20141-1c8e-49ac-b963-eaa1fb1f4018",
|
||||
"value": "DEV-0147"
|
||||
},
|
||||
{
|
||||
"description": "TA406 is engaging in malware distribution, phishing, intelligence collection, and cryptocurrency theft, resulting in a wide range of criminal activities.",
|
||||
"meta": {
|
||||
"cfr-suspected-victims": [
|
||||
"China",
|
||||
"France",
|
||||
"Germany",
|
||||
"India",
|
||||
"Japan",
|
||||
"North America",
|
||||
"Russia",
|
||||
"South Africa",
|
||||
"South Korea",
|
||||
"United Kingdom"
|
||||
],
|
||||
"cfr-target-category": [
|
||||
"Government",
|
||||
"Journalists",
|
||||
"NGOs"
|
||||
],
|
||||
"country": "KR",
|
||||
"references": [
|
||||
"https://www.bleepingcomputer.com/news/security/north-korean-cyberspies-target-govt-officials-with-custom-malware/",
|
||||
"https://siliconangle.com/2021/11/18/north-korean-cybercriminal-group-ta406-escalates-attacks-2021/",
|
||||
"https://www.proofpoint.com/us/blog/threat-insight/triple-threat-north-korea-aligned-ta406-scams-spies-and-steals"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
{
|
||||
"dest-uuid": "bcaaad6f-0597-4b89-b69b-84a6be2b7bc3",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "part-of"
|
||||
}
|
||||
],
|
||||
"uuid": "89f005f9-22e9-4c50-9b48-e94c521266e5",
|
||||
"value": "TA406"
|
||||
}
|
||||
],
|
||||
"version": 260
|
||||
|
|
Loading…
Reference in a new issue