MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-22 23:07:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

[threat-actors] Add UNC4990

Browse source
This commit is contained in:
Mathieu4141 2024-02-01 11:01:57 -08:00
parent 4388309aa0
commit 9756306d98
1 changed files with 11 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
clusters/threat-actor.json
View file

@ -14242,6 +14242,17 @@
},
"uuid": "3ce9610b-2435-4c41-80d1-3f95a5ff2984",
"value": "Mustard Tempest"
},
{
"description": "UNC4990 is a financially motivated threat actor that has been active since at least 2020. They primarily target users in Italy and rely on USB devices for initial infection. The group has evolved their tactics over time, using encoded text files on popular websites like GitHub and Vimeo to host payloads. They have been observed using sophisticated backdoors like QUIETBOARD and EMPTYSPACE, and have targeted organizations in various industries, particularly in Italy.",
"meta": {
"country": "IT",
"refs": [
"https://www.mandiant.com/resources/blog/unc4990-evolution-usb-malware"
]
},
"uuid": "7db46444-2d27-4922-8a21-98f8509476dc",
"value": "UNC4990"
}
],
"version": 298