From a4e6ca1c5d4544d586134aeabeaf3339650be7d8 Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy <a@foo.be>
Date: Tue, 20 Sep 2016 07:47:09 +0200
Subject: [PATCH] FIN6 added

---
 elements/adversary-groups.json | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/elements/adversary-groups.json b/elements/adversary-groups.json
index 539d15f..b170344 100644
--- a/elements/adversary-groups.json
+++ b/elements/adversary-groups.json
@@ -272,7 +272,8 @@
       "synonyms": [
         "APT 17",
         "Deputy Dog",
-        "Group 8"
+        "Group 8",
+        "APT17"
       ]
     },
     {
@@ -285,7 +286,8 @@
         "Dynamite Panda",
         "TG-0416",
         "APT 18",
-        "SCANDIUM"
+        "SCANDIUM",
+        "APT18"
       ]
     },
     {
@@ -944,6 +946,11 @@
        "value": "Suckfly",
        "description": "Suckfly is a China-based threat group that has been active since at least 2014",
        "refs": ["http://www.symantec.com/connect/blogs/suckfly-revealing-secret-life-your-code-signing-certificates"]
+     },
+     {
+       "value": "FIN6",
+       "description": "FIN is a group targeting financial assets including assets able to do financial transaction including PoS.",
+       "refs": ["https://www2.fireeye.com/rs/848-DID-242/images/rpt-fin6.pdf"]
      }
   ]
 }