[threat-actors] Add Raspberry Typhoon

This commit is contained in:
Mathieu4141 2024-02-01 11:02:01 -08:00
parent 7a2cfa4f42
commit a1dfeca461

View file

@ -14406,6 +14406,20 @@
}, },
"uuid": "03ff54cf-f7d4-4606-a531-2ca6d4fa6a54", "uuid": "03ff54cf-f7d4-4606-a531-2ca6d4fa6a54",
"value": "Ruby Sleet" "value": "Ruby Sleet"
},
{
"description": "Microsoft has tracked Raspberry Typhoon (RADIUM) as the primary threat group targeting nations that ring the South China Sea. Raspberry Typhoon consistently targets government ministries, military entities, and corporate entities connected to critical infrastructure, particularly telecoms. Since January 2023, Raspberry Typhoon has been particularly persistent. When targeting government ministries or infrastructure, Raspberry Typhoon typically conducts intelligence collection and malware execution. In many countries, targets vary from defense and intelligence-related ministries to economic and trade-related ministries",
"meta": {
"country": "CN",
"refs": [
"https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RW1aFyW"
],
"synonyms": [
"RADIUM"
]
},
"uuid": "37f012df-54d8-4b3d-a288-af47240430ea",
"value": "Raspberry Typhoon"
} }
], ],
"version": 298 "version": 298