mirror of
https://github.com/MISP/misp-galaxy.git
synced 2025-02-17 01:06:22 +00:00
[threat-actors] Add UAC-0020
This commit is contained in:
Mathieu4141
parent
c8e623e84c
commit
4cabbe3bc9
1 changed files with 17 additions and 0 deletions
|
|
@ -16155,6 +16155,23 @@
|
||||||
},
|
},
|
||||||
"uuid": "78e8bc1a-0be3-4792-a911-9d4813dd7bc3",
|
"uuid": "78e8bc1a-0be3-4792-a911-9d4813dd7bc3",
|
||||||
"value": "Bondnet"
|
"value": "Bondnet"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Vermin is a threat actor group linked to the Luhansk People’s Republic and believed to be acting on behalf of the Kremlin. They have targeted Ukrainian government infrastructure using malware like Spectr and legitimate tools like SyncThing for data exfiltration. Vermin has been active since at least 2018, using custom-made RATs like Vermin and open-source tools like Quasar for cyber-espionage. The group has resurfaced after periods of inactivity to conduct espionage operations against Ukraine's military and defense sectors.",
|
||||||
|
"meta": {
|
||||||
|
"country": "RU",
|
||||||
|
"refs": [
|
||||||
|
"https://socprime.com/blog/vermin-uac-0020-hacking-collective-hits-ukrainian-government-and-military-with-spectr-malware/",
|
||||||
|
"https://therecord.media/russian-vermin-hackers-target-ukraine",
|
||||||
|
"https://cert.gov.ua/article/6279600"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"Vermin",
|
||||||
|
"SickSync"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "318be739-26fd-4f4d-bac8-aa20ec8273b7",
|
||||||
|
"value": "UAC-0020"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 310
|
"version": 310
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue