[threat-actors] Add Carderbee

This commit is contained in:
Mathieu Beligon 2023-11-03 19:02:12 +01:00
parent 1343cdb35a
commit 84fda6ef72

View file

@ -12345,6 +12345,18 @@
}, },
"uuid": "f939b51d-32f9-41d9-8549-f00b2db104c7", "uuid": "f939b51d-32f9-41d9-8549-f00b2db104c7",
"value": "RansomVC" "value": "RansomVC"
},
{
"description": "Symantec recently reported on activity attributed to a threat actor group dubbed Carderbee. In the campaign, the threat actors target entities in Hong Kong and other regions of Asia via a supply chain attack leveraging the legitimate Cobra DocGuard software. The activity began as early as September 2022.",
"meta": {
"refs": [
"https://blog.eclecticiq.com/chinese-state-sponsored-cyber-espionage-activity-targeting-semiconductor-industry-in-east-asia",
"https://blog.polyswarm.io/carderbee-targets-hong-kong-in-supply-chain-attack",
"https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/carderbee-software-supply-chain-certificate-abuse"
]
},
"uuid": "ce793b99-0cf2-4148-831c-ea5f6a9e0a76",
"value": "Carderbee"
} }
], ],
"version": 289 "version": 289