[threat-actors] Add Aggressive Inventory Zombies

clusters/threat-actor.json

@@ -17548,6 +17548,19 @@
       },
       "uuid": "b869c1dc-0cf8-4d8a-b5f3-5b90c557db1c",
       "value": "Anonymous KSA"
+    },
+    {
+      "description": "Aggressive Inventory Zombies is a threat actor involved in a large-scale phishing and pig-butchering network targeting retail brands and cryptocurrency users. They create fraudulent sites using a popular website template that scrapes product details from legitimate e-commerce platforms and integrate chat services for phishing. Financial ties to India have been identified, and collaboration with Stark Industries has led to the dismantling of parts of their infrastructure, revealing the network's breadth. AIZ is also linked to Entropy ransomware infections, which were preceded by detections of Cobalt Strike beacons and Dridex malware.",
+      "meta": {
+        "refs": [
+          "https://www.silentpush.com/blog/aiz-retail-crypto-phishing/"
+        ],
+        "synonyms": [
+          "AIZ"
+        ]
+      },
+      "uuid": "ceabe862-3d89-4696-9d7f-32a4850334d9",
+      "value": "Aggressive Inventory Zombies"
     }
   ],
   "version": 321