mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-27 01:07:18 +00:00
[threat-actors] Add UAC-0006
This commit is contained in:
parent
d3c15e1652
commit
5b993d2517
1 changed files with 16 additions and 0 deletions
|
@ -13194,6 +13194,22 @@
|
||||||
},
|
},
|
||||||
"uuid": "5a38db83-16b3-477f-a045-66a922868eea",
|
"uuid": "5a38db83-16b3-477f-a045-66a922868eea",
|
||||||
"value": "TA444"
|
"value": "TA444"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "UAC-0006 is a financially motivated threat actor that has been active since at least 2013. They primarily target Ukrainian organizations, particularly accountants, with phishing emails containing the SmokeLoader malware. Their goal is to steal credentials and execute unauthorized fund transfers, posing a significant risk to financial systems.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://socprime.com/blog/smokeloader-detection-uac-0006-group-launches-a-new-phishing-campaign-against-ukraine/",
|
||||||
|
"https://socprime.com/blog/smokeloader-malware-detection-uac-0006-hackers-launch-a-wave-of-phishing-attacks-against-ukraine-targeting-accountants/",
|
||||||
|
"https://socprime.com/blog/detecting-smokeloader-campaign-uac-0006-keep-targeting-ukrainian-financial-institutions-in-a-series-of-phishing-attacks/",
|
||||||
|
"https://socprime.com/blog/latest-threats/detect-smokeloader-malware-uac-0006-strikes-again-to-target-ukraine-in-a-series-of-phishing-attacks/",
|
||||||
|
"https://socprime.com/blog/smokeloader-malware-detection-uac-0006-group-reemerges-to-launch-phishing-attacks-against-ukraine-using-financial-subject-lures/",
|
||||||
|
"https://cert.gov.ua/article/4555802",
|
||||||
|
"https://cert.gov.ua/article/6123309"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "013f56ea-a441-483f-812c-c384c790e474",
|
||||||
|
"value": "UAC-0006"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 294
|
"version": 294
|
||||||
|
|
Loading…
Reference in a new issue