mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-29 18:27:19 +00:00
[threat-actors] Add Earth Kitsune
This commit is contained in:
parent
5d6bcf5e55
commit
6e7e5e60ce
1 changed files with 13 additions and 0 deletions
|
@ -13101,6 +13101,19 @@
|
||||||
},
|
},
|
||||||
"uuid": "ab376039-4ede-4dfc-a45b-c80d9d994657",
|
"uuid": "ab376039-4ede-4dfc-a45b-c80d9d994657",
|
||||||
"value": "FusionCore"
|
"value": "FusionCore"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Earth Kitsune is an advanced persistent threat actor that has been active since at least 2019. They primarily target individuals interested in North Korea and use various tactics, such as compromising websites and employing social engineering, to distribute self-developed backdoors. Earth Kitsune demonstrates technical proficiency and continuously evolves their tools, tactics, and procedures. They have been associated with malware such as WhiskerSpy and SLUB.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.trendmicro.com/en_us/research/23/b/earth-kitsune-delivers-new-whiskerspy-backdoor.html",
|
||||||
|
"https://www.trendmicro.com/en_us/research/20/l/who-is-the-threat-actor-behind-operation-earth-kitsune-.html",
|
||||||
|
"https://www.trendmicro.com/en_us/research/20/j/operation-earth-kitsune-a-dance-of-two-new-backdoors.html",
|
||||||
|
"https://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/operation-earth-kitsune-tracking-slub-s-current-operations/"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "a9f29636-26e4-42f0-95d1-7a49dd6f0a79",
|
||||||
|
"value": "Earth Kitsune"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 294
|
"version": 294
|
||||||
|
|
Loading…
Reference in a new issue