[threat-actors] Add Nemesis Kitten

This commit is contained in:
Mathieu Beligon 2023-03-01 16:37:42 -08:00
parent 84faa3c92b
commit 61cb24a3fc

View file

@ -10511,6 +10511,29 @@
], ],
"uuid": "035fbd5c-e4a1-4c7b-80fb-f5a89a361aed", "uuid": "035fbd5c-e4a1-4c7b-80fb-f5a89a361aed",
"value": "Karakurt" "value": "Karakurt"
},
{
"description": "Microsoft threat intelligence teams have been tracking multiple ransomware campaigns and have tied these attacks to DEV-0270, also known as Nemesis Kitten, a sub-group of Iranian actor PHOSPHORUS. Microsoft assesses with moderate confidence that DEV-0270 conducts malicious network operations, including widespread vulnerability scanning, on behalf of the government of Iran.",
"meta": {
"country": "IR",
"references": [
"https://www.microsoft.com/en-us/security/blog/2022/09/07/profiling-dev-0270-phosphorus-ransomware-operations/"
],
"synonyms": [
"Nemesis Kitten"
]
},
"related": [
{
"dest-uuid": "b8967b3c-3bc9-11e8-8701-8b1ead8c099e",
"tags": [
"estimative-language:likelihood-probability=\"likely\""
],
"type": "part-of"
}
],
"uuid": "7b90319a-9f7b-466d-9f90-7fcc270ed505",
"value": "DEV-0270"
} }
], ],
"version": 260 "version": 260