mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
[threat-actors] Add Karkadann
This commit is contained in:
parent
b35d4bd07a
commit
3379a0777b
1 changed files with 14 additions and 0 deletions
|
@ -14789,6 +14789,20 @@
|
||||||
},
|
},
|
||||||
"uuid": "33bfb09d-c6f4-4403-b434-1d4d4733ec52",
|
"uuid": "33bfb09d-c6f4-4403-b434-1d4d4733ec52",
|
||||||
"value": "TA2719"
|
"value": "TA2719"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Karkadann is a threat actor that has been active since at least October 2020, targeting government bodies and news outlets in the Middle East. They have been involved in watering hole attacks, compromising high-profile websites to inject malicious JavaScript code. The group has been linked to another commercial spyware company called Candiru, suggesting they may utilize multiple spyware technologies. There are similarities in the infrastructure and tactics used by Karkadann in their campaigns.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://securelist.com/apt-trends-report-q2-2022/106995/",
|
||||||
|
"https://www.welivesecurity.com/2021/11/16/strategic-web-compromises-middle-east-pinch-candiru/"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"Piwiks"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "8146ba06-cef2-4a94-b26e-1a4041e04c7d",
|
||||||
|
"value": "Karkadann"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 299
|
"version": 299
|
||||||
|
|
Loading…
Reference in a new issue