mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-29 18:27:19 +00:00
[threat-actors] Merge Axiom into APT17
parent
7f82616c10
commit
9b714dcd76
1 changed files with 19 additions and 77 deletions
|
@ -486,7 +486,17 @@
|
|||
"attribution-confidence": "50",
|
||||
"cfr-suspected-state-sponsor": "China",
|
||||
"cfr-suspected-victims": [
|
||||
"United States"
|
||||
"United States",
|
||||
"Netherlands",
|
||||
"Italy",
|
||||
"Japan",
|
||||
"United Kingdom",
|
||||
"Belgium",
|
||||
"Russia",
|
||||
"Indonesia",
|
||||
"Germany",
|
||||
"Switzerland",
|
||||
"China"
|
||||
],
|
||||
"cfr-target-category": [
|
||||
"Government",
|
||||
|
@ -504,7 +514,10 @@
|
|||
"https://web.archive.org/web/20130920000343/https://www.symantec.com/connect/blogs/hidden-lynx-professional-hackers-hire",
|
||||
"https://www.recordedfuture.com/hidden-lynx-analysis/",
|
||||
"https://www.secureworks.com/research/threat-profiles/bronze-keystone",
|
||||
"https://attack.mitre.org/groups/G0025/"
|
||||
"https://attack.mitre.org/groups/G0025/",
|
||||
"cfr.org/cyber-operations/axiom",
|
||||
"https://attack.mitre.org/groups/G0001/",
|
||||
"https://www.youtube.com/watch?v=NFJqD-LcpIg"
|
||||
],
|
||||
"synonyms": [
|
||||
"APT 17",
|
||||
|
@ -515,7 +528,9 @@
|
|||
"Tailgater Team",
|
||||
"Dogfish",
|
||||
"BRONZE KEYSTONE",
|
||||
"G0025"
|
||||
"G0025",
|
||||
"Group72",
|
||||
"G0001"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
|
@ -526,13 +541,6 @@
|
|||
],
|
||||
"type": "similar"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "24110866-cb22-4c85-a7d2-0413e126694b",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "similar"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "c5947e1c-1cbc-434c-94b8-27c7e3be0fff",
|
||||
"tags": [
|
||||
|
@ -600,72 +608,6 @@
|
|||
"uuid": "9a683d9c-8f7d-43df-bba2-ad0ca71e277c",
|
||||
"value": "Wekby"
|
||||
},
|
||||
{
|
||||
"description": "Axiom is a suspected Chinese cyber espionage group that has targeted the aerospace, defense, government, manufacturing, and media sectors since at least 2008. Some reporting suggests a degree of overlap between Axiom and Winnti Group but the two groups appear to be distinct based on differences in reporting on TTPs and targeting.",
|
||||
"meta": {
|
||||
"attribution-confidence": "50",
|
||||
"cfr-suspected-state-sponsor": "China",
|
||||
"cfr-suspected-victims": [
|
||||
"United States",
|
||||
"Netherlands",
|
||||
"Italy",
|
||||
"Japan",
|
||||
"United Kingdom",
|
||||
"Belgium",
|
||||
"Russia",
|
||||
"Indonesia",
|
||||
"Germany",
|
||||
"Switzerland",
|
||||
"China"
|
||||
],
|
||||
"cfr-target-category": [
|
||||
"Government",
|
||||
"Private sector"
|
||||
],
|
||||
"cfr-type-of-incident": "Espionage",
|
||||
"country": "CN",
|
||||
"refs": [
|
||||
"cfr.org/cyber-operations/axiom",
|
||||
"https://attack.mitre.org/groups/G0001/"
|
||||
],
|
||||
"synonyms": [
|
||||
"Group72",
|
||||
"G0001"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
{
|
||||
"dest-uuid": "c5947e1c-1cbc-434c-94b8-27c7e3be0fff",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "similar"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "090242d7-73fc-4738-af68-20162f7a5aae",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "similar"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "a0cb9370-e39b-44d5-9f50-ef78e412b973",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "similar"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "9c124874-042d-48cd-b72b-ccdc51ecbbd6",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "similar"
|
||||
}
|
||||
],
|
||||
"uuid": "24110866-cb22-4c85-a7d2-0413e126694b",
|
||||
"value": "Axiom"
|
||||
},
|
||||
{
|
||||
"description": "Adversary group targeting financial, technology, non-profit organisations.",
|
||||
"meta": {
|
||||
|
@ -7672,7 +7614,7 @@
|
|||
"type": "uses"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "24110866-cb22-4c85-a7d2-0413e126694b",
|
||||
"dest-uuid": "99e30d89-9361-4b73-a999-9e5ff9320bcb",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"very-likely\""
|
||||
],
|
||||
|
|
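Review bot: The reference `"cfr.org/cyber-operations/axiom"` added to the APT17 `refs` list has no scheme, unlike every other entry visible in that list, so consumers that validate or render refs as URLs will likely mishandle it; I would write it as `"https://www.cfr.org/cyber-operations/axiom"`. The removed Axiom cluster carried `related` links to `090242d7-73fc-4738-af68-20162f7a5aae`, `a0cb9370-e39b-44d5-9f50-ef78e412b973` and `9c124874-042d-48cd-b72b-ccdc51ecbbd6`, and none of the visible hunks add them to the merged entry, so those relationships appear to be dropped unless APT17 already holds them outside the hunks. The UUID `24110866-cb22-4c85-a7d2-0413e126694b` is deleted outright and only one file is changed, so it is worth searching the other galaxy files for `dest-uuid` references to it, since anything already tagged with the Axiom cluster would stop resolving. The merged `synonyms` list now carries both `G0025` and `G0001` while `attribution-confidence` stays at `"50"`, so tooling that maps synonyms to ATT&CK group IDs will see one cluster for two groups; a sentence in the description recording the merge would help.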