Add Avivore & HAZY TIGER/Bitter

This commit is contained in:
Rony 2022-04-02 01:14:18 +05:30 committed by GitHub
parent 50f39edc10
commit a08ddaf548
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -9037,6 +9037,35 @@
"uuid": "d45dd940-b38d-4b2c-9f2f-3e4a0eac841c", "uuid": "d45dd940-b38d-4b2c-9f2f-3e4a0eac841c",
"value": "MosesStaff" "value": "MosesStaff"
}, },
{
"description": "The groups existence came to light during Contexts investigation of a number of attacks against multinational enterprises that compromise smaller engineering services and consultancies working in their supply chains.",
"meta": {
"country": "CN",
"refs": [
"https://www.computerweekly.com/news/252471769/New-threat-group-behind-Airbus-cyber-attacks-claim-researchers",
"https://www.contextis.com/en/news/context-identifies-new-avivore-threat-group",
"https://www.contextis.com/en/blog/avivore"
]
},
"uuid": "8045fc09-13d6-4f90-b239-ed5060b9297b",
"value": "Avivore"
},
{
"description": "The Bitter threat group initially started using RAT tools in their campaigns, as the first Bitter versions, for Android released in 2014 were based on the AndroRAT framework. Over time, they switched to a custom version that has been known as BitterRAT ever since.",
"meta": {
"country": "IN",
"refs": [
"https://www.bitdefender.com/files/News/CaseStudies/study/352/Bitdefender-PR-Whitepaper-BitterAPT-creat4571-en-EN-GenericUse.pdf"
],
"synonyms": [
"Bitter",
"T-APT-17",
"APT-C-08"
]
},
"uuid": "1e9bd6fe-e009-41ce-8e92-ad78c73ee772",
"value": "HAZY TIGER"
},
{ {
"description": "An actor group conducting large-scale social engineering and extortion campaign against multiple organizations with some seeing evidence of destructive elements.", "description": "An actor group conducting large-scale social engineering and extortion campaign against multiple organizations with some seeing evidence of destructive elements.",
"meta": { "meta": {