[threat-actors] Add CYBORG SPIDER alias to GOCLD BURLAP

2024-11-22 23:07:19 +00:00 · 2023-03-01 15:45:41 -08:00 · 2023-03-01 15:45:41 -08:00 · 7d371b4c80
commit 7d371b4c80
parent fa57354471
1 changed files with 24 additions and 1 deletions
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@ -8468,10 +8468,33 @@
    {
      "description": "GOLD BURLAP is a group of financially motivated criminals responsible for the development of the Pysa ransomware, also referred to as Mespinoza. Pysa is a cross-platform ransomware with known versions written in C++ and Python. As of December 2020, approximately 50 organizations had reportedly been targeted in Pysa ransomware attacks. The operators leverage 'name and shame' tactics to apply additional pressure to victims. As of January 2021, CTU researchers had found no Pysa advertisements on underground forums, which likely indicates that it is not operated as ransomware as a service (RaaS).",
      "meta": {
+        "cfr-target-category": [
+          "Healthcare"
+        ],
        "refs": [
-          "http://www.secureworks.com/research/threat-profiles/gold-burlap"
+          "http://www.secureworks.com/research/threat-profiles/gold-burlap",
+          "https://www.hhs.gov/sites/default/files/mespinoza-goldburlap-cyborgspider-analystnote-tlpwhite.pdf"
+        ],
+        "synonyms": [
+          "CYBORG SPIDER"
        ]
      },
+      "related": [
+        {
+          "dest-uuid": "68a7ca8e-2902-43f2-ad23-a77b4c48221d",
+          "tags": [
+            "estimative-language:likelihood-probability=\"very-likely\""
+          ],
+          "type": "uses"
+        },
+        {
+          "dest-uuid": "588fb91d-59c6-4667-b299-94676d48b17b",
+          "tags": [
+            "estimative-language:likelihood-probability=\"very-likely\""
+          ],
+          "type": "uses"
+        }
+      ],
      "uuid": "d34ca487-1613-4ee5-8930-2ac8a60f945f",
      "value": "GOLD BURLAP"
    },