mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
[threat-actors] Add Storm-1567
This commit is contained in:
parent
eb8db810c0
commit
7607dc70cf
1 changed files with 17 additions and 0 deletions
|
@ -14662,6 +14662,23 @@
|
||||||
},
|
},
|
||||||
"uuid": "e18dca82-0524-4338-9a66-e13e67c81ac4",
|
"uuid": "e18dca82-0524-4338-9a66-e13e67c81ac4",
|
||||||
"value": "Storm-1152"
|
"value": "Storm-1152"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Storm-1567 is the threat actor behind the Ransomware-as-a-Service Akira. They attacked Swedish organizations in March 2023. This ransomware utilizes the ChaCha encryption algorithm, PowerShell, and Windows Management Instrumentation (WMI). Microsoft's Defender for Endpoint successfully blocked a large-scale hacking campaign carried out by Storm-1567, highlighting the effectiveness of their security solution.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://news.sophos.com/en-us/2023/12/20/cryptoguard-an-asymmetric-approach-to-the-ransomware-battle/",
|
||||||
|
"https://securelist.com/crimeware-report-fakesg-akira-amos/111483/",
|
||||||
|
"https://www.trellix.com/en-us/about/newsroom/stories/research/akira-ransomware.html",
|
||||||
|
"https://blog.sekoia.io/sekoia-io-mid-2023-ransomware-threat-landscape",
|
||||||
|
"https://decoded.avast.io/threatresearch/avast-q2-2023-threat-report/"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"Akira"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "3a912680-6f38-4fe7-9941-744f0e2280b3",
|
||||||
|
"value": "Storm-1567"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 298
|
"version": 298
|
||||||
|
|
Loading…
Reference in a new issue