chg: [threat-actor] Budminer APT added based on document from "Soesanto, Stefan"

Ref: https://www.research-collection.ethz.ch/bitstream/handle/20.500.11850/389371/1/Cyber-Reports-2020-01-A-one-sided-Affair.pdf Ref: https://www.symantec.com/connect/blogs/taiwan-targeted-new-cyberespionage-back-door-trojan
2024-11-22 23:07:19 +00:00 · 2020-01-18 17:02:44 +01:00 · 2020-01-18 17:02:44 +01:00 · 8eeceafc51
commit 8eeceafc51
parent 2b6db13477
1 changed files with 13 additions and 1 deletions
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@ -7872,7 +7872,19 @@
      },
      "uuid": "c4ce1174-9462-47e9-8038-794f40a184b3",
      "value": "SideWinder"
+    },
+    {
+      "description": "Based on the evidence we have presented Symantec attributed the activity involving theDripion malware to the Budminer advanced threat group. While we have not seen newcampaigns using Taidoor malware since 2014, we believe the Budminer group has changedtactics to avoid detection after being outed publicly in security white papers and blogs over thepast few years.",
+      "value": "Budminer",
+      "meta": [
+        "https://www.symantec.com/connect/blogs/taiwan-targeted-new-cyberespionage-back-door-trojan",
+        "https://app.box.com/s/xqh458fe1url7mgl072hhd0yxqw3x0jm",
+        "https://www.research-collection.ethz.ch/bitstream/handle/20.500.11850/389371/1/Cyber-Reports-2020-01-A-one-sided-Affair.pdf"
+      ],
+      "synonyms": "Budminer cyberespionage group",
+      "suspected-victims": "Taiwan",
+      "country": "CN"
    }
  ],
-  "version": 149
+  "version": 150
 }