From 5801bbcfc1496246b58321088c12648f289731ee Mon Sep 17 00:00:00 2001 From: Mathieu Beligon Date: Wed, 2 Nov 2022 17:38:07 -0700 Subject: [PATCH] [threat-actors] Remove Skeleton Spider duplicate --- clusters/threat-actor.json | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index b4923fb..84a7ea5 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -3399,7 +3399,8 @@ "https://www.fireeye.com/blog/threat-research/2019/04/pick-six-intercepting-a-fin6-intrusion.html", "https://attack.mitre.org/groups/G0037/", "https://securityintelligence.com/posts/more_eggs-anyone-threat-actor-itg08-strikes-again/", - "http://www.secureworks.com/research/threat-profiles/gold-franklin" + "http://www.secureworks.com/research/threat-profiles/gold-franklin", + "https://www.crowdstrike.com/resources/reports/2019-crowdstrike-global-threat-report/" ], "synonyms": [ "SKELETON SPIDER", @@ -3418,6 +3419,13 @@ "estimative-language:likelihood-probability=\"likely\"" ], "type": "similar" + }, + { + "dest-uuid": "1cdbbcab-903a-414d-8eb0-439a97343737", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "647894f6-1723-4cba-aba4-0ef0966d5302", @@ -6711,16 +6719,6 @@ "uuid": "6e899dd4-f95e-42a0-a5a3-e57249f017cf", "value": "Flash Kitten" }, - { - "description": "According to CrowdStrike, this actor is using FrameworkPOS, potentially buying access through Dridex infections.", - "meta": { - "refs": [ - "https://www.crowdstrike.com/resources/reports/2019-crowdstrike-global-threat-report/" - ] - }, - "uuid": "998b0a78-ff3e-4928-802f-b42e3f5cf491", - "value": "SKELETON SPIDER" - }, { "description": "According to CrowdStrike, this actor is using TinyLoader and TinyPOS, potentially buying access through Dridex infections.", "meta": {