mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
[threat-actors] Add PROPHET SPIDER
This commit is contained in:
parent
61cb24a3fc
commit
4bbee8c1e7
1 changed files with 28 additions and 0 deletions
|
@ -10534,6 +10534,34 @@
|
|||
],
|
||||
"uuid": "7b90319a-9f7b-466d-9f90-7fcc270ed505",
|
||||
"value": "DEV-0270"
|
||||
},
|
||||
{
|
||||
"description": "PROPHET SPIDER is an eCrime actor, active since at least May 2017, that primarily gains access to victims by compromising vulnerable web servers, which commonly involves leveraging a variety of publicly disclosed vulnerabilities. The adversary has likely functioned as an access broker — handing off access to a third party to deploy ransomware — in multiple instances.",
|
||||
"meta": {
|
||||
"country": "",
|
||||
"references": [
|
||||
"https://www.crowdstrike.com/blog/prophet-spider-exploits-oracle-weblogic-to-facilitate-ransomware-activity/",
|
||||
"https://www.crowdstrike.com/blog/prophet-spider-exploits-citrix-sharefile/"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
{
|
||||
"dest-uuid": "cd84bc53-8684-4921-89c7-2cf49512bf61",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "uses"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "b5814e05-532a-4262-a8da-82fd0d7605ee",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "uses"
|
||||
}
|
||||
],
|
||||
"uuid": "eb0b100c-8a4e-4859-b6f8-eebd66c3d20c",
|
||||
"value": "Prophet Spider"
|
||||
}
|
||||
],
|
||||
"version": 260
|
||||
|
|
Loading…
Reference in a new issue