[threat-actors] Add Xiaoqiying

This commit is contained in:
Mathieu Beligon 2023-11-03 11:13:11 +01:00
parent f82b502df6
commit 4bb6cce77d

View file

@ -12118,6 +12118,23 @@
}, },
"uuid": "39ef9941-4f9c-4807-ab10-88e863ce7953", "uuid": "39ef9941-4f9c-4807-ab10-88e863ce7953",
"value": "Keksec" "value": "Keksec"
},
{
"description": "Xiaoqiying is a primarily Chinese-speaking threat group that is most well known for conducting website defacement and data exfiltration attacks on more than a dozen South Korean research and academic institutions in late-January 2023. Research from Recorded Futures Insikt Group has found that the groups affiliated threat actors have signaled a new round of cyberattacks against organizations in Japan and Taiwan. Although it shows no clear ties to the Chinese government, Xiaoqiying is staunchly pro-China and vows to target NATO countries as well as any country or region that is deemed hostile to China.",
"meta": {
"aliases": [
"Genesis Day",
"Teng Snake"
],
"refs": [
"https://www.recordedfuture.com/xiaoqiying-genesis-day-threat-actor-group-targets-south-korea-taiwan",
"https://medium.com/s2wblog/%E5%8F%98%E8%84%B8-teng-snake-a-k-a-code-core-8c35268b4d1a",
"https://therecord.media/samsung-investigating-claims-of-hack-on-south-korea-systems-internal-employee-platform/"
],
"country": "CN"
},
"uuid": "0ee7be4f-389f-4083-a1e4-4c39dc1ae105",
"value": "Xiaoqiying"
} }
], ],
"version": 288 "version": 288