MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-23 07:17:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge pull request #881 from feedly/threat-actors/add-camaro-dragon

Browse source 
[threat-actors] Add Camaro Dragon
This commit is contained in:
Alexandre Dulaunoy 2023-10-26 17:44:44 +02:00 committed by GitHub
commit 555c45c139
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
clusters/threat-actor.json
View file

@ -12047,6 +12047,18 @@
], ],
"uuid": "9766d52e-0e5d-4997-9c31-7f2291dcda9e", "uuid": "9766d52e-0e5d-4997-9c31-7f2291dcda9e",
"value": "Void Rabisu" "value": "Void Rabisu"
},
{
"description": "In early 2023, the Check Point Incident Response Team (CPIRT) team investigated a malware incident at a European healthcare institution involving a set of tools mentioned in the Avast report in late 2022. The incident was attributed to Camaro Dragon, a Chinese-based espionage threat actor whose activities overlap with activities tracked by different researchers as Mustang Panda and LuminousMoth, whose focus is primarily on Southeast Asian countries and their close peers.",
"meta": {
"country": "CN",
"references": [
"https://research.checkpoint.com/2023/the-dragon-who-sold-his-camaro-analyzing-custom-router-implant/",
"https://research.checkpoint.com/2023/beyond-the-horizon-traveling-the-world-on-camaro-dragons-usb-flash-drives/"
]
},
"uuid": "9ee446fd-b0cd-4662-9cd1-a60b429192db",
"value": "Camaro Dragon"
} }
], ],
"version": 287 "version": 287