mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-30 02:37:17 +00:00
[threat-actors] Add TwoSail Junk
This commit is contained in:
parent
c0dda66200
commit
44617774b6
1 changed files with 11 additions and 0 deletions
|
@ -12766,6 +12766,17 @@
|
||||||
},
|
},
|
||||||
"uuid": "6616d2ac-2025-47f8-bb1a-1ece2b627c16",
|
"uuid": "6616d2ac-2025-47f8-bb1a-1ece2b627c16",
|
||||||
"value": "DEV-1028"
|
"value": "DEV-1028"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "TwoSail Junk directs visitors to its exploit site by posting links within the threads of forum discussions, or creating new topic threads of their own. To date, dozens of visits were recorded from within Hong Kong, with a couple from Macau. The technical details around the functionality of the iOS implant, called LightSpy, and related infrastructure, reveal a low-to-mid capable actor. However, the iOS implant is a modular and exhaustively functional iOS surveillance framework.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://securelist.com/ios-exploit-chain-deploys-lightspy-malware/96407/",
|
||||||
|
"https://securelist.com/apt-annual-review-what-the-worlds-threat-actors-got-up-to-in-2020/99574/"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "533af03d-e160-4312-a92f-0500055f2b56",
|
||||||
|
"value": "TwoSail Junk"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 293
|
"version": 293
|
||||||
|
|
Loading…
Reference in a new issue