Merge pull request #881 from feedly/threat-actors/add-camaro-dragon

[threat-actors] Add Camaro Dragon
Alexandre Dulaunoy 2023-10-26 17:44:44 +02:00 committed by GitHub
commit 555c45c139
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23


@ -12047,6 +12047,18 @@
], ],
"uuid": "9766d52e-0e5d-4997-9c31-7f2291dcda9e", "uuid": "9766d52e-0e5d-4997-9c31-7f2291dcda9e",
"value": "Void Rabisu" "value": "Void Rabisu"
},
{
"description": "In early 2023, the Check Point Incident Response Team (CPIRT) team investigated a malware incident at a European healthcare institution involving a set of tools mentioned in the Avast report in late 2022. The incident was attributed to Camaro Dragon, a Chinese-based espionage threat actor whose activities overlap with activities tracked by different researchers as Mustang Panda and LuminousMoth, whose focus is primarily on Southeast Asian countries and their close peers.",
"meta": {
"country": "CN",
"references": [
"https://research.checkpoint.com/2023/the-dragon-who-sold-his-camaro-analyzing-custom-router-implant/",
"https://research.checkpoint.com/2023/beyond-the-horizon-traveling-the-world-on-camaro-dragons-usb-flash-drives/"
]
},
"uuid": "9ee446fd-b0cd-4662-9cd1-a60b429192db",
"value": "Camaro Dragon"
} }
], ],
"version": 287 "version": 287
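Review bot: The new Camaro Dragon entry records its overlap with Mustang Panda and LuminousMoth only in the free-text `description`, so tooling that correlates on cluster relationships will treat it as an unrelated actor. If clusters for those names already exist in this file (not visible in the hunk), consider a machine-readable link beside `meta`, for example `"related": [{"dest-uuid": "<UUID-OF-EXISTING-MUSTANG-PANDA-CLUSTER>", "type": "similar"}]`. The description also reads as an incident summary rather than a profile of the actor, and "the Avast report" it mentions has no matching entry in `references`, which lists only the two Check Point URLs. Finally, `"version": 287` is a context line on both sides, so the cluster version is not bumped in this hunk although an entry was added; confirm whether that happens in a separate commit.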