diff --git a/clusters/ransomware.json b/clusters/ransomware.json index b6f70d2..e270bc8 100644 --- a/clusters/ransomware.json +++ b/clusters/ransomware.json @@ -11498,7 +11498,11 @@ "description": "Over 100,000 thousand computers in China have been infected in just a few days with poorly-written ransomware that encrypts local files and steals credentials for multiple Chinese online services. The crooks show a screen titled UNNAMED1989 and demand the victim a ransom of 110 yuan ($16) in exchange for decrypting the files, payable via Tencent's WeChat payment service by scanning a QR code.", "meta": { "refs": [ - "https://www.bleepingcomputer.com/news/security/ransomware-infects-100k-pcs-in-china-demands-wechat-payment/" + "https://www.bleepingcomputer.com/news/security/ransomware-infects-100k-pcs-in-china-demands-wechat-payment/", + "https://www.bleepingcomputer.com/news/security/chinese-police-arrest-dev-behind-unnamed1989-wechat-ransomware/" + ], + "synonyms": [ + "UNNAMED1989" ] }, "uuid": "b2aa807d-98fa-48e4-927b-4e81a50736e5", diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index 1c00c97..c78bdfc 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -6040,6 +6040,16 @@ }, "uuid": "608a903a-8145-4fd1-84bc-235e278480bf", "value": "DNSpionage" + }, + { + "description": "Dubbed DarkVishnya, the attacks targeted at least eight banks using readily-available gear such as netbooks or inexpensive laptops, Raspberry Pi mini-computers, or a Bash Bunny - a USB-sized piece hardware for penetration testing purposes that can pose as a keyboard, flash storage, network adapter, or as any serial device.", + "meta": { + "refs": [ + "https://www.bleepingcomputer.com/news/security/netbooks-rpis-and-bash-bunny-gear-attacking-banks-from-the-inside/" + ] + }, + "uuid": "db7fd7dd-28f7-4e8d-a807-8405e4b0f4e2", + "value": "DarkVishnya" } ], "version": 82