[threat-actors] Add Water Makara

2024-11-22 14:57:18 +00:00 · 2024-11-01 10:43:27 -07:00 · 2024-11-01 10:43:27 -07:00 · 2a865b8c07
commit 2a865b8c07
parent f74560c80f
1 changed files with 10 additions and 0 deletions
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@ -17071,6 +17071,16 @@
      },
      "uuid": "e13e36e7-a75b-42fa-8d51-35f9eeafebfc",
      "value": "UNC5820"
+    },
+    {
+      "description": "Water Makara employs the Astaroth banking malware, which features a new defense evasion technique. Their spear phishing campaigns exploit human error by targeting users to click on malicious files. To mitigate these threats, organizations should implement regular security training, enforce strong password policies, utilize multifactor authentication (MFA), keep security solutions updated, and apply the principle of least privilege.",
+      "meta": {
+        "refs": [
+          "https://www.trendmicro.com/en_us/research/24/j/water-makara-uses-obfuscated-javascript-in-spear-phishing-campai.html"
+        ]
+      },
+      "uuid": "54bc063d-fc4e-4076-a282-cdb98480da2a",
+      "value": "Water Makara"
    }
  ],
  "version": 318