MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-26 08:47:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

add FASTCash

Browse source
This commit is contained in:
Deborah Servili 2018-10-03 15:09:14 +02:00
parent 403f162451
commit 3dfe8a5a34
2 changed files with 30 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
clusters/threat-actor.json
View file

@ -5901,7 +5901,21 @@
] ]
}, },
"uuid": "dda1b28e-c558-11e8-8666-27cf61d1d7ee" "uuid": "dda1b28e-c558-11e8-8666-27cf61d1d7ee"
},
{
"value": "FASTCash",
"description": "Treasury has identified a sophisticated cyber-enabled ATM cash out campaign we are calling FASTCash. FASTCash has been active since late 2016 targeting banks in Africa and Asia to remotely compromise payment switch application servers within banks to facilitate fraudulent transactions, primarily involving ATMs, to steal cash equivalent to tens of millions of dollars. FBI has attributed malware used in this campaign to the North Korean government. We expect FASTCash to continue targeting retail payment systems vulnerable to remote exploitation.",
"uuid": "e38d32a2-c708-11e8-8785-472c4cfccd85",
"related": [
{
"dest-uuid": "e306fe62-c708-11e8-89f2-073e396e5403",
"tags": [
"estimative-language:likelihood-probability=\"likely\""
],
"type": "similar"
}
]
} }
], ],
"version": 67 "version": 68
} }

16
clusters/tool.json
View file

@ -5839,7 +5839,21 @@
] ]
}, },
"uuid": "55d29d1c-c550-11e8-9904-47c1d86af7c5" "uuid": "55d29d1c-c550-11e8-9904-47c1d86af7c5"
},
{
"value": "FASTCash",
"description": "Treasury has identified a sophisticated cyber-enabled ATM cash out campaign we are calling FASTCash. FASTCash has been active since late 2016 targeting banks in Africa and Asia to remotely compromise payment switch application servers within banks to facilitate fraudulent transactions, primarily involving ATMs, to steal cash equivalent to tens of millions of dollars. FBI has attributed malware used in this campaign to the North Korean government. We expect FASTCash to continue targeting retail payment systems vulnerable to remote exploitation.",
"uuid": "e306fe62-c708-11e8-89f2-073e396e5403",
"related": [
{
"dest-uuid": "e38d32a2-c708-11e8-8785-472c4cfccd85",
"tags": [
"estimative-language:likelihood-probability=\"likely\""
],
"type": "similar"
}
]
} }
], ],
"version": 89 "version": 90
} }