[threat-actors] Add Operation Emmental

Mathieu4141 2024-02-06 07:30:07 -08:00
parent c740c6f1e1
commit 6235ee49f7


@ -14968,6 +14968,21 @@
},
"uuid": "4e137d53-b9cf-4b9a-88c2-f29dd27ac302",
"value": "Urpage"
},
{
"description": "Operation Emmental, also known as the Retefe gang, is a threat actor group that has been active since at least 2012. They primarily target customers of banks in countries such as Austria, Sweden, Switzerland, and Japan. The group has developed sophisticated malware, including a Mac alternative called Dok, to bypass two-factor authentication and hijack network traffic. They have also been observed using phishing emails to spread their malware. The group is believed to be Russian-speaking and has continuously improved their malicious codes over the years.",
"meta": {
"country": "RU",
"refs": [
"http://blog.trendmicro.com/trendlabs-security-intelligence/osx_dok-mac-malware-emmental-hijacks-user-network-traffic/"
],
"synonyms": [
"Retefe Gang",
"Retefe Group"
]
},
"uuid": "a1527821-fe84-44ec-ad29-8d3040463bc9",
"value": "Operation Emmental"
}
],
"version": 299
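Review bot: `"country": "RU"` in the new entry's `meta` records the attribution as fact, while the description added alongside it only says the group "is believed to be Russian-speaking"; language is not location, and consumers that filter or correlate on `meta.country` will treat the value as firm. Either drop the `country` key or qualify it with the galaxy's `attribution-confidence` field, for example `"attribution-confidence": "50"` (an illustrative value; set it to what the cited reporting supports). The single `refs` entry is an `http://` link about the Dok macOS malware, so the claims about activity since 2012 and the targeted countries have no visible source; an additional reference would make them checkable, and the link should be `https://` if the host serves it. The `"version": 299` line appears to be unchanged context, so the cluster version may still need a bump if the project expects one per content change.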