MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-26 00:37:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

[threat-actors] Add Void Arachne

Browse source
This commit is contained in:
Mathieu4141 2024-06-24 02:35:57 -07:00
parent dded13d5c2
commit 879ae26c55
1 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
clusters/threat-actor.json
View file

@ -16175,6 +16175,16 @@
}, },
"uuid": "318be739-26fd-4f4d-bac8-aa20ec8273b7", "uuid": "318be739-26fd-4f4d-bac8-aa20ec8273b7",
"value": "UAC-0020" "value": "UAC-0020"
},
{
"description": "Void Arachne is a threat actor group targeting Chinese-speaking users with malicious MSI files containing legitimate software installers for AI software. They exploit public interest in VPN technology and AI software to distribute malware through SEO poisoning and Chinese-language-themed Telegram channels. The group's campaign includes bundling malicious Winos payloads with deepfake pornography-generating AI software and voice-and-face-swapping AI software. Void Arachne also promotes AI technologies for virtual kidnapping and uses AI voice-alternating technology to pressure victims into paying ransom.",
"meta": {
"refs": [
"https://www.trendmicro.com/en_us/research/24/f/behind-the-great-wall-void-arachne-targets-chinese-speaking-user.html"
]
},
"uuid": "2ac0db88-8e88-447b-ad44-f781326f5884",
"value": "Void Arachne"
} }
], ],
"version": 312 "version": 312