[threat-actors] Add TetrisPhantom

2024-11-22 23:07:19 +00:00 · 2023-11-03 11:13:11 +01:00 · 2023-11-03 11:13:11 +01:00 · 4a521eec3b
commit 4a521eec3b
parent 78472ee3f5
1 changed files with 11 additions and 0 deletions
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@ -12194,6 +12194,17 @@
      },
      "uuid": "4f1c43a4-3788-4035-a99c-e510f89edd0f",
      "value": "Redfly"
+    },
+    {
+      "description": "TetrisPhantom relies on compromising of certain type of secure USB drives that provide hardware encryption and is commonly used by government organizations. While investigating this threat, experts identified an entire spying campaign that uses a range of malicious modules to execute commands, collect files and information from compromised computers and transfer them to other machines also using secure USB drives.",
+      "meta": {
+        "refs": [
+          "https://usa.kaspersky.com/blog/sas-2023-research/29254/",
+          "https://securelist.com/apt-trends-report-q3-2023/110752/"
+        ]
+      },
+      "uuid": "5368c0a2-eb79-420c-b808-85ae719efccd",
+      "value": "TetrisPhantom"
    }
  ],
  "version": 288