mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
[threat-actors] Add ScamClub
This commit is contained in:
parent
6c2cb8979f
commit
44c270e9dc
1 changed files with 11 additions and 0 deletions
|
@ -13614,6 +13614,17 @@
|
||||||
},
|
},
|
||||||
"uuid": "f0bb3d3a-c012-4d12-b621-51192977f190",
|
"uuid": "f0bb3d3a-c012-4d12-b621-51192977f190",
|
||||||
"value": "TunnelSnake"
|
"value": "TunnelSnake"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "ScamClub is a threat actor involved in malvertising activities since 2018. They target the Mobile Web market segment, particularly on iOS devices, where security software is often lacking. ScamClub utilizes obfuscation techniques and real-time bidding integration with ad exchanges to push malicious JavaScript payloads, leading to forced redirects and various scams such as phishing and gift card scams.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://blog.confiant.com/exploring-scamclub-payloads-via-deobfuscation-using-abstract-syntax-trees-65ef7f412537",
|
||||||
|
"https://www.malwarebytes.com/blog/threat-intelligence/2023/11/associated-press-espn-cbs-among-top-sites-serving-fake-virus-alerts"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "dae45b1c-f957-4242-aa5b-f36b08994bad",
|
||||||
|
"value": "ScamClub"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 295
|
"version": 295
|
||||||
|
|
Loading…
Reference in a new issue