MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-22 23:07:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

merging Pacifier & Turla

Browse source
This commit is contained in:
Rony 2019-05-16 23:57:49 +05:30 committed by GitHub
parent 32af463dd1
commit 380006ecbb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
clusters/threat-actor.json
View file

@ -2312,7 +2312,8 @@
"https://www.welivesecurity.com/2017/03/30/carbon-paper-peering-turlas-second-stage-backdoor/",
"https://www.cfr.org/interactive/cyber-operations/turla",
"https://www.bleepingcomputer.com/news/security/turla-outlook-backdoor-uses-clever-tactics-for-stealth-and-persistence/",
"https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/november/turla-png-dropper-is-back/"
"https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/november/turla-png-dropper-is-back/",
"http://download.bitdefender.com/resources/files/News/CaseStudies/study/115/Bitdefender-Whitepaper-PAC-A4-en-EN1.pdf"
],
"synonyms": [
"Turla",
@ -2326,7 +2327,9 @@
"Pfinet",
"TAG_0530",
"KRYPTON",
"Hippo Team"
"Hippo Team",
"Pacifier APT",
"Popeye"
]
},
"related": [
@ -2988,22 +2991,6 @@
"uuid": "bb446dc2-4fee-4212-8b2c-3ffa2917e338",
"value": "ScarCruft"
},
{
"description": "Bitdefender detected and blocked an ongoing cyber-espionage campaign against Romanian institutions and other foreign targets. The attacks started in 2014, with the latest reported occurrences in May of 2016. The APT, dubbed Pacifier by Bitdefender researchers, makes use of malicious .doc documents and .zip files distributed via spear phishing e-mail.",
"meta": {
"attribution-confidence": "50",
"country": "RU",
"refs": [
"http://download.bitdefender.com/resources/files/News/CaseStudies/study/115/Bitdefender-Whitepaper-PAC-A4-en-EN1.pdf"
],
"synonyms": [
"Skipper",
"Popeye"
]
},
"uuid": "32db3cc1-bb79-4b08-a7a4-747a37221afa",
"value": "Pacifier APT"
},
{
"description": "This group created a malware that takes over Android devices and generates $300,000 per month in fraudulent ad revenue. The group effectively controls an arsenal of over 85 million mobile devices around the world. With the potential to sell access to these devices to the highest bidder",
"meta": {