From 8ba48b446af7720d38ffa46aa12de7f87d4d328a Mon Sep 17 00:00:00 2001
From: Mathieu4141 <mathieu@feedly.com>
Date: Tue, 18 Jun 2024 04:51:29 -0700
Subject: [PATCH] [threat-actors] Add Sp1d3r

---
 clusters/threat-actor.json | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index b3a01fb..ab3d9ce 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -16121,6 +16121,17 @@
       },
       "uuid": "b8c6da46-4c9a-4075-b9f3-3b5ef7bd3534",
       "value": "UNC5537"
+    },
+    {
+      "description": "Sp1d3r, a threat actor, has been involved in multiple data breaches targeting companies like Truist Bank, Cylance, and Advance Auto Parts. They have stolen and attempted to sell sensitive information, including customer and employee emails, account numbers, and source code. Sp1d3r has also claimed to have obtained data from a third-party platform and a cloud storage vendor. They have utilized hacking forums to sell the stolen data for significant sums of money.",
+      "meta": {
+        "refs": [
+          "https://www.cysecurity.news/2024/06/truist-bank-confirms-data-breach-after.html",
+          "https://research.checkpoint.com/2024/17th-june-threat-intelligence-report/"
+        ]
+      },
+      "uuid": "2be04e23-4376-4333-87df-27d635e43a98",
+      "value": "Sp1d3r"
     }
   ],
   "version": 310