From 3256cca9e053ced12ce97113b9eb2618e5efdaf2 Mon Sep 17 00:00:00 2001 From: Bart Date: Fri, 12 Apr 2019 21:12:16 +0100 Subject: [PATCH] Add DoNot team references --- clusters/threat-actor.json | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index a9c864d..2be228e 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -5764,7 +5764,9 @@ "description": "In March 2017, the 360 Chasing Team found a sample of targeted attacks that confirmed the previously unknown sample of APT's attack actions, which the organization can now trace back at least in April 2016. The chasing team named the attack organization APT-C-35. In June 2017, the 360 Threat Intelligence Center discovered the organization’s new attack activity, confirmed and exposed the gang’s targeted attacks against Pakistan, and analyzed in detail. The unique EHDevel malicious code framework used by the organization", "meta": { "refs": [ - "https://ti.360.net/blog/articles/latest-activity-of-apt-c-35/" + "https://ti.360.net/blog/articles/latest-activity-of-apt-c-35/", + "https://www.netscout.com/blog/asert/donot-team-leverages-new-modular-malware-framework-south-asia", + "https://ti.360.net/blog/articles/donot-group-is-targeting-pakistani-businessman-working-in-china-en/" ], "synonyms": [ "DoNot Team"