mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
[threat-actors] Add Operation Emmental
This commit is contained in:
parent
c740c6f1e1
commit
6235ee49f7
1 changed files with 15 additions and 0 deletions
|
@ -14968,6 +14968,21 @@
|
|||
},
|
||||
"uuid": "4e137d53-b9cf-4b9a-88c2-f29dd27ac302",
|
||||
"value": "Urpage"
|
||||
},
|
||||
{
|
||||
"description": "Operation Emmental, also known as the Retefe gang, is a threat actor group that has been active since at least 2012. They primarily target customers of banks in countries such as Austria, Sweden, Switzerland, and Japan. The group has developed sophisticated malware, including a Mac alternative called Dok, to bypass two-factor authentication and hijack network traffic. They have also been observed using phishing emails to spread their malware. The group is believed to be Russian-speaking and has continuously improved their malicious codes over the years.",
|
||||
"meta": {
|
||||
"country": "RU",
|
||||
"refs": [
|
||||
"http://blog.trendmicro.com/trendlabs-security-intelligence/osx_dok-mac-malware-emmental-hijacks-user-network-traffic/"
|
||||
],
|
||||
"synonyms": [
|
||||
"Retefe Gang",
|
||||
"Retefe Group"
|
||||
]
|
||||
},
|
||||
"uuid": "a1527821-fe84-44ec-ad29-8d3040463bc9",
|
||||
"value": "Operation Emmental"
|
||||
}
|
||||
],
|
||||
"version": 299
|
||||
|
|
Loading…
Reference in a new issue