mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
[threat-actors] Add Karakurt
This commit is contained in:
parent
7d371b4c80
commit
84faa3c92b
1 changed files with 45 additions and 0 deletions
|
@ -10466,6 +10466,51 @@
|
||||||
],
|
],
|
||||||
"uuid": "eafdd27f-a3e2-4bb1-ae03-bf9ca5ff0355",
|
"uuid": "eafdd27f-a3e2-4bb1-ae03-bf9ca5ff0355",
|
||||||
"value": "Chamelgang"
|
"value": "Chamelgang"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Karakurt actors have employed a variety of tactics, techniques, and procedures (TTPs), creating significant challenges for defense and mitigation. Karakurt victims have not reported encryption of compromised machines or files; rather, Karakurt actors have claimed to steal data and threatened to auction it off or release it to the public unless they receive payment of the demanded ransom. Known ransom demands have ranged from $25,000 to $13,000,000 in Bitcoin, with payment deadlines typically set to expire within a week of first contact with the victim.",
|
||||||
|
"meta": {
|
||||||
|
"cfr-suspected-victims": [
|
||||||
|
"Canada",
|
||||||
|
"Germany",
|
||||||
|
"United Kingdom",
|
||||||
|
"United States"
|
||||||
|
],
|
||||||
|
"cfr-type-of-incident": "Extortion",
|
||||||
|
"references": [
|
||||||
|
"https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-152a",
|
||||||
|
"https://www.advintel.io/post/enter-karakurt-data-extortion-arm-of-prolific-ransomware-group",
|
||||||
|
"https://www.accenture.com/us-en/blogs/cyber-defense/karakurt-threat-mitigation"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"Karakurt Lair"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"related": [
|
||||||
|
{
|
||||||
|
"dest-uuid": "1a1d3ea4-972e-4c48-8d85-08d9db8f1550",
|
||||||
|
"tags": [
|
||||||
|
"estimative-language:likelihood-probability=\"likely\""
|
||||||
|
],
|
||||||
|
"type": "uses"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"dest-uuid": "588fb91d-59c6-4667-b299-94676d48b17b",
|
||||||
|
"tags": [
|
||||||
|
"estimative-language:likelihood-probability=\"likely\""
|
||||||
|
],
|
||||||
|
"type": "uses"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"dest-uuid": "7d71d21e-68f0-4595-beee-7c353471463d",
|
||||||
|
"tags": [
|
||||||
|
"estimative-language:likelihood-probability=\"likely\""
|
||||||
|
],
|
||||||
|
"type": "uses"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"uuid": "035fbd5c-e4a1-4c7b-80fb-f5a89a361aed",
|
||||||
|
"value": "Karakurt"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 260
|
"version": 260
|
||||||
|
|
Loading…
Reference in a new issue