mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
Add Operation ShadowHammer
This commit is contained in:
parent
575dd64582
commit
6027d546f2
3 changed files with 20 additions and 21 deletions
|
@ -2555,8 +2555,7 @@
|
||||||
],
|
],
|
||||||
"type": "similar"
|
"type": "similar"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
|
||||||
"uuid": "cb23f563-a8b9-4427-9884-594e8d3cc836",
|
"uuid": "cb23f563-a8b9-4427-9884-594e8d3cc836",
|
||||||
"value": "Cardinal"
|
"value": "Cardinal"
|
||||||
},
|
},
|
||||||
|
|
|
@ -6644,7 +6644,17 @@
|
||||||
},
|
},
|
||||||
"uuid": "ee7f535d-cc3e-40f3-99f3-c97963cfa250",
|
"uuid": "ee7f535d-cc3e-40f3-99f3-c97963cfa250",
|
||||||
"value": "APT-C-27"
|
"value": "APT-C-27"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Newly discovered supply chain attack that leveraged ASUS Live Update software.\nThe goal of the attack was to surgically target an unknown pool of users, which were identified by their network adapters’ MAC addresses. To achieve this, the attackers had hardcoded a list of MAC addresses in the trojanized samples and this list was used to identify the actual intended targets of this massive operation. We were able to extract more than 600 unique MAC addresses from over 200 samples used in this attack. Of course, there might be other samples out there with different MAC addresses in their list.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://securelist.com/operation-shadowhammer/89992/"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "401c30c7-4317-458a-9b0a-379a44d63457",
|
||||||
|
"value": "Operation ShadowHammer"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 104
|
"version": 105
|
||||||
}
|
}
|
||||||
|
|
|
@ -4983,15 +4983,6 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"related": [
|
"related": [
|
||||||
{
|
|
||||||
"dest-uuid": "3d3da4c0-004c-400c-9da6-f83fd35d907e",
|
|
||||||
"tags": [
|
|
||||||
"estimative-language:likelihood-probability=\"likely\""
|
|
||||||
],
|
|
||||||
"type": "similar"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"related": [
|
|
||||||
{
|
{
|
||||||
"dest-uuid": "e1ca79eb-5629-4267-bb37-3992c7126ef4",
|
"dest-uuid": "e1ca79eb-5629-4267-bb37-3992c7126ef4",
|
||||||
"tags": [
|
"tags": [
|
||||||
|
@ -4999,8 +4990,7 @@
|
||||||
],
|
],
|
||||||
"type": "similar"
|
"type": "similar"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
|
||||||
"uuid": "1d9fbf33-faea-40c1-b543-c7b39561f0ff",
|
"uuid": "1d9fbf33-faea-40c1-b543-c7b39561f0ff",
|
||||||
"value": "Cardinal RAT"
|
"value": "Cardinal RAT"
|
||||||
},
|
},
|
||||||
|
|
Loading…
Reference in a new issue