MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2025-01-19 11:06:16 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #857 from danielplohmann/main-2

Browse source 
adding MoustachedBouncer
This commit is contained in:
Alexandre Dulaunoy 2023-08-10 16:12:31 +02:00 committed by GitHub
commit 7462830337
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 24 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
clusters/threat-actor.json
View file

@ -11462,7 +11462,30 @@
},
"uuid": "77742419-aa71-4bc2-94c6-29c394b350e7",
"value": "Worok"
},
{
"description": "MoustachedBouncer is a cyberespionage group discovered by ESET Research and first publicly disclosed in August 2023. The group has been active since at least 2014 and only targets foreign embassies in Belarus. Since 2020, MoustachedBouncer has most likely been able to perform adversary-in-the-middle (AitM) attacks at the ISP level, within Belarus, in order to compromise its targets. The group uses two separate toolsets that we have named NightClub and Disco.",
"meta": {
"attribution-confidence": "50",
"cfr-suspected-state-sponsor": "Belarus",
"cfr-suspected-victims": [
"Europe",
"Eastern Europe",
"South Asia",
"Northeast Africa"
],
"cfr-target-category": [
"Government"
],
"cfr-type-of-incident": "Espionage",
"country": "BY",
"refs": [
"https://www.welivesecurity.com/en/eset-research/moustachedbouncer-espionage-against-foreign-diplomats-in-belarus/"
]
},
"uuid": "01ac8b25-492e-444b-891b-968f2694e7b2",
"value": "MoustachedBouncer"
}
],
"version": 276
"version": 277
}