mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 00:37:18 +00:00
[threat-actors] Add UAC-0102
This commit is contained in:
parent
679a59e96d
commit
90338e0e0f
1 changed files with 11 additions and 0 deletions
|
@ -16433,6 +16433,17 @@
|
|||
},
|
||||
"uuid": "a86e4a0d-95cf-4ce0-b26c-d1fbb7cc84bc",
|
||||
"value": "Stargazer Goblin"
|
||||
},
|
||||
{
|
||||
"description": "UAC-0102 is a threat actor group targeting UKR.NET users through phishing attacks. They distribute emails with HTML file attachments that redirect users to a fraudulent website to steal authentication data. Security teams can use Sigma rules to detect their phishing campaigns and leverage IOCs provided by CERT-UA to hunt for their activity in SIEM or EDR environments.",
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://socprime.com/blog/uac-0102-phishing-attack-detection-hackers-steal-authentication-data-impersonating-the-ukr-net-web-service/",
|
||||
"https://cert.gov.ua/article/4928679"
|
||||
]
|
||||
},
|
||||
"uuid": "7dd2e8ee-4232-43f5-9866-006160f19aea",
|
||||
"value": "UAC-0102"
|
||||
}
|
||||
],
|
||||
"version": 312
|
||||
|
|
Loading…
Reference in a new issue