mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-30 02:37:17 +00:00
[threat-actors] Add UNC4736
This commit is contained in:
parent
365bbbe24a
commit
8e53536147
1 changed files with 11 additions and 0 deletions
|
@ -13861,6 +13861,17 @@
|
||||||
},
|
},
|
||||||
"uuid": "0b792fbe-87c2-42c5-8d0d-97c7d47078b5",
|
"uuid": "0b792fbe-87c2-42c5-8d0d-97c7d47078b5",
|
||||||
"value": "Solntsepek"
|
"value": "Solntsepek"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "UNC4736 is a North Korean threat actor that has been involved in supply chain attacks targeting software chains of 3CX and X_TRADER. They have used malware strains such as TAXHAUL, Coldcat, and VEILEDSIGNAL to compromise Windows and macOS systems. UNC4736 has been linked to financially motivated cybercrime operations, particularly focused on cryptocurrency and fintech-related services. They have also demonstrated infrastructure overlap with other North Korean and APT43 activity.",
|
||||||
|
"meta": {
|
||||||
|
"country": "KP",
|
||||||
|
"refs": [
|
||||||
|
"https://www.mandiant.com/resources/blog/3cx-software-supply-chain-compromise"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "afe5526e-e5e4-4b05-bc69-2bfb6785fc7e",
|
||||||
|
"value": "UNC4736"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 296
|
"version": 296
|
||||||
|
|
Loading…
Reference in a new issue