diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index 2534fbf..07f542d 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -5983,7 +5983,18 @@ }, "uuid": "d5e90854-d5c9-11e8-98b9-1f98eb80d30a", "value": "The Shadow Brokers" + }, + { + "value" : "EvilTraffic", + "description": "Malware experts at CSE Cybsec uncovered a massive malvertising campaign dubbed EvilTraffic leveraging tens of thousands compromised websites. Crooks exploited some CMS vulnerabilities to upload and execute arbitrary PHP pages used to generate revenues via advertising.", + "meta": { + "refs": [ + "http://securityaffairs.co/wordpress/68059/cyber-crime/eviltraffic-malvertising-campaign.html", + "http://csecybsec.com/download/zlab/20180121_CSE_Massive_Malvertising_Report.pdf" + ] + }, + "uuid": "c2d5a052-dc30-11e8-9643-d76f3b9c94fa" } ], - "version": 75 + "version": 76 }