[threat-actors] Add Storm-1113

This commit is contained in:
Mathieu4141 2024-01-08 05:23:29 -08:00
parent ce4be94d8b
commit 2c7adf27a0

View file

@ -13940,6 +13940,16 @@
}, },
"uuid": "7b8845d9-d7f5-4895-9dcc-54da3492bd55", "uuid": "7b8845d9-d7f5-4895-9dcc-54da3492bd55",
"value": "KelvinSecurity" "value": "KelvinSecurity"
},
{
"description": "Storm-1113 is a threat actor that acts both as an access broker focused on malware distribution through search advertisements and as an “as-a-service” entity providing malicious installers and landing page frameworks. In Storm-1113 malware distribution campaigns, users are directed to landing pages mimicking well-known software that host installers, often MSI files, that lead to the installation of malicious payloads. Storm-1113 is also the developer of EugenLoader, a commodity malware first observed around November 2022.",
"meta": {
"refs": [
"https://www.microsoft.com/en-us/security/blog/2023/12/28/financially-motivated-threat-actors-misusing-app-installer/"
]
},
"uuid": "993e81e8-63f4-4666-9538-4053a69287ba",
"value": "Storm-1113"
} }
], ],
"version": 296 "version": 296