[threat-actors] Add Storm-0867

This commit is contained in:
Mathieu4141 2024-02-01 11:01:58 -08:00
parent 8d024a52b1
commit 4cbf4353b0

View file

@ -14280,6 +14280,20 @@
},
"uuid": "062938a2-6fa1-4217-ad73-f5e0b5186966",
"value": "Caramel Tsunami"
},
{
"description": "Storm-0867 is a threat actor that has been active since 2012 and has targeted various industries and regions. They employ sophisticated phishing campaigns, utilizing social engineering techniques and a phishing as a service platform called Caffeine. Their attacks involve intercepting and manipulating communication between users and legitimate services, allowing them to steal passwords, hijack sign-in sessions, bypass multifactor authentication, and modify authentication methods.",
"meta": {
"country": "EG",
"refs": [
"https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/defender-experts-chronicles-a-deep-dive-into-storm-0867/ba-p/3911769"
],
"synonyms": [
"DEV-0867"
]
},
"uuid": "dc1d0202-8976-4d15-810d-4af0feff6af9",
"value": "Storm-0867"
}
],
"version": 298