MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-22 23:07:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

[threat-actors] Add APT42

Browse source
This commit is contained in:
Mathieu Beligon 2023-03-01 15:15:45 -08:00
parent 2567d6f1f8
commit 3406ad3aa9
1 changed files with 47 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

49
clusters/threat-actor.json
View file

@ -10309,8 +10309,6 @@
],
"country": "KR",
"references": [
"https://www.bleepingcomputer.com/news/security/north-korean-cyberspies-target-govt-officials-with-custom-malware/",
"https://siliconangle.com/2021/11/18/north-korean-cybercriminal-group-ta406-escalates-attacks-2021/",
"https://www.proofpoint.com/us/blog/threat-insight/triple-threat-north-korea-aligned-ta406-scams-spies-and-steals"
]
},
@ -10325,6 +10323,53 @@
],
"uuid": "89f005f9-22e9-4c50-9b48-e94c521266e5",
"value": "TA406"
},
{
"description": "Iranian state-sponsored cyber espionage group tasked with conducting information collection and surveillance operations against individuals and organizations of strategic interest to the Iranian government.",
"meta": {
"attribution-confidence": "50",
"cfr-suspected-victims": [
"Australia",
"Europe",
"Middle East",
"US"
],
"cfr-target-category": [
"Education",
"Government",
"Healthcare",
"Legal",
"Manufacturing",
"Media",
"NGOs",
"Pharmaceuticals"
],
"country": "IR",
"references": [
"https://www.mandiant.com/resources/blog/apt42-charms-cons-compromises"
],
"synonyms": [
"UNC788"
]
},
"related": [
{
"dest-uuid": "b8967b3c-3bc9-11e8-8701-8b1ead8c099e",
"tags": [
"estimative-language:likelihood-probability=\"likely\""
],
"type": "similar"
},
{
"dest-uuid": "f98bac6b-12fd-4cad-be84-c84666932232",
"tags": [
"estimative-language:likelihood-probability=\"likely\""
],
"type": "similar"
}
],
"uuid": "35f887ad-6709-4d0b-8e9c-6b3fa09c783f",
"value": "APT42"
}
],
"version": 260