mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-29 10:17:18 +00:00
Merge pull request #996 from Mathieu4141/threat-actors/fc7ade34-5d19-4089-acce-65f8e103952b
[threat actors] Add 2 actors
This commit is contained in:
commit
52ed6c0f50
2 changed files with 27 additions and 1 deletions
|
@ -535,7 +535,7 @@ Category: *tea-matrix* - source: ** - total: *7* elements
|
|||
|
||||
[Threat Actor](https://www.misp-galaxy.org/threat-actor) - Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign. threat-actor-classification meta can be used to clarify the understanding of the threat-actor if also considered as operation, campaign or activity group.
|
||||
|
||||
Category: *actor* - source: *MISP Project* - total: *703* elements
|
||||
Category: *actor* - source: *MISP Project* - total: *705* elements
|
||||
|
||||
[[HTML](https://www.misp-galaxy.org/threat-actor)] - [[JSON](https://github.com/MISP/misp-galaxy/blob/main/clusters/threat-actor.json)]
|
||||
|
||||
|
|
|
@ -16296,6 +16296,32 @@
|
|||
},
|
||||
"uuid": "849d16c8-eaa3-46e7-9c1c-179ef680922e",
|
||||
"value": "IntelBroker"
|
||||
},
|
||||
{
|
||||
"description": "DRAGONBRIDGE is a Chinese state-sponsored threat actor known for engaging in information operations to promote the political interests of the People's Republic of China. They have been observed using AI-generated images and videos to spread propaganda on social media platforms. The group has targeted various countries and regions, including the US, Taiwan, and Japan, with narratives promoting pro-PRC viewpoints. DRAGONBRIDGE has been linked to campaigns discrediting the US political system, sowing division between allies, and criticizing specific companies and individuals.",
|
||||
"meta": {
|
||||
"country": "CN",
|
||||
"refs": [
|
||||
"https://cloud.google.com/blog/topics/threat-intelligence/prc-dragonbridge-influence-elections/",
|
||||
"https://quointelligence.eu/2024/06/european-election-at-risk-analysis/",
|
||||
"https://blog.google/threat-analysis-group/over-50000-instances-of-dragonbridge-activity-disrupted-in-2022/"
|
||||
],
|
||||
"synonyms": [
|
||||
"Spamouflage Dragon"
|
||||
]
|
||||
},
|
||||
"uuid": "a4d55f94-d842-400a-acb6-dfee1c446257",
|
||||
"value": "Dragonbridge"
|
||||
},
|
||||
{
|
||||
"description": "Boolka is a threat actor known for infecting websites with malicious JavaScript scripts for data exfiltration. They have been carrying out opportunistic SQL injection attacks since at least 2022. Boolka has developed a malware delivery platform based on the BeEF framework and has been distributing the BMANAGER trojan. Their activities demonstrate a progression from basic website infections to more sophisticated malware operations.",
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://www.group-ib.com/blog/boolka/"
|
||||
]
|
||||
},
|
||||
"uuid": "99ad0cef-c53a-44d5-85d4-5459e59a06d5",
|
||||
"value": "Boolka"
|
||||
}
|
||||
],
|
||||
"version": 312
|
||||
|
|
Loading…
Reference in a new issue