MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-22 23:07:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

[threat-actors] Add KAX17

Browse source
This commit is contained in:
Mathieu4141 2023-11-15 08:19:01 -08:00
parent 247dd86523
commit 3209c45b42
1 changed files with 13 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
clusters/threat-actor.json
View file

@ -12987,6 +12987,19 @@
},
"uuid": "111efc97-6a93-487b-8cb3-1e890ac51066",
"value": "Bohrium"
},
{
"description": "KAX17 is a sophisticated threat actor that has been active since at least 2017. They have operated hundreds of malicious servers within the Tor network, primarily as entry and middle points. Their main objective appears to be collecting information on Tor users and mapping their routes within the network. Despite efforts to remove their servers, KAX17 has shown resilience and continues to operate.",
"meta": {
"refs": [
"https://www.malwarebytes.com/blog/news/2021/12/was-threat-actor-kax17-de-anonymizing-the-tor-network/amp",
"https://therecord.media/a-mysterious-threat-actor-is-running-hundreds-of-malicious-tor-relays",
"https://darknetlive.com/post/who-is-responsible-for-running-hundreds-of-malicious-tor-relays/",
"https://nusenu.medium.com/is-kax17-performing-de-anonymization-attacks-against-tor-users-42e566defce8"
]
},
"uuid": "615311f0-58d4-4d1d-ac86-6ba86d119317",
"value": "KAX17"
}
],
"version": 294