chg: [threat-actor] The Big Bang campaign/group added

Alexandre Dulaunoy 2018-07-10 08:49:00 +02:00
parent 43a2c7f0ef
commit 98db303047
Signed by: adulau
GPG key ID: 09E2CD4944E6CBCD


@ -2801,6 +2801,16 @@
] ]
}, },
"uuid": "79c7c7e0-79d5-11e8-9b9c-1ff96be20c0b" "uuid": "79c7c7e0-79d5-11e8-9b9c-1ff96be20c0b"
},
{
"value": "The Big Bang",
"description": "While it is not clear exactly what the attacker is looking for, what is clear is that once he finds it, a second stage of the attack awaits, fetching additional modules and/or malware from the Command and Control server. This then is a surveillance attack in progress and has been dubbed Big Bang due to the attackers fondness for the Big Bang Theory TV show, after which some of the malwares modules are named.",
"meta": {
"refs": [
"https://research.checkpoint.com/apt-attack-middle-east-big-bang/",
"https://blog.talosintelligence.com/2017/06/palestine-delphi.html"
]
}
} }
], ],
"name": "Threat actor", "name": "Threat actor",
@ -2815,5 +2825,5 @@
], ],
"description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.", "description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
"uuid": "7cdff317-a673-4474-84ec-4f1754947823", "uuid": "7cdff317-a673-4474-84ec-4f1754947823",
"version": 44 "version": 45
} }
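Review bot: The new `"The Big Bang"` entry has no `uuid` key, while the entry immediately before it in the same array carries one (`"uuid": "79c7c7e0-79d5-11e8-9b9c-1ff96be20c0b"`). Consumers that reference clusters by UUID (tagging, relationships, de-duplication across galaxy versions) would presumably have no stable handle for this actor and would have to match on the `value` string, which breaks as soon as the name is changed or synonyms are added. I would add `"uuid": "<freshly-generated-uuid>"` as a sibling of `"meta"` before this ships in version 45. The `description` also reads as pasted vendor text with its apostrophes lost ("attackers fondness", "malwares modules") and never states who is targeted, so a one-sentence summary in the galaxy's own words would serve analysts triaging on this entry better.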