mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 00:37:18 +00:00
[threat-actors] Add UAC-0102
This commit is contained in:
parent
679a59e96d
commit
90338e0e0f
1 changed files with 11 additions and 0 deletions
|
@ -16433,6 +16433,17 @@
|
||||||
},
|
},
|
||||||
"uuid": "a86e4a0d-95cf-4ce0-b26c-d1fbb7cc84bc",
|
"uuid": "a86e4a0d-95cf-4ce0-b26c-d1fbb7cc84bc",
|
||||||
"value": "Stargazer Goblin"
|
"value": "Stargazer Goblin"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "UAC-0102 is a threat actor group targeting UKR.NET users through phishing attacks. They distribute emails with HTML file attachments that redirect users to a fraudulent website to steal authentication data. Security teams can use Sigma rules to detect their phishing campaigns and leverage IOCs provided by CERT-UA to hunt for their activity in SIEM or EDR environments.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://socprime.com/blog/uac-0102-phishing-attack-detection-hackers-steal-authentication-data-impersonating-the-ukr-net-web-service/",
|
||||||
|
"https://cert.gov.ua/article/4928679"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "7dd2e8ee-4232-43f5-9866-006160f19aea",
|
||||||
|
"value": "UAC-0102"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 312
|
"version": 312
|
||||||
|
|
Loading…
Reference in a new issue