Separate APT30 from Naikon group

This commit is contained in:
Alexandre Dulaunoy 2017-01-06 22:26:53 +01:00
parent ea9ebaf5d6
commit a6cb478a3b

View file

@ -289,7 +289,6 @@
"meta": { "meta": {
"synonyms": [ "synonyms": [
"PLA Unit 78020", "PLA Unit 78020",
"APT 30",
"Override Panda", "Override Panda",
"Camerashy", "Camerashy",
"APT.Naikon" "APT.Naikon"
@ -1089,10 +1088,13 @@
{ {
"meta": { "meta": {
"refs": [ "refs": [
"https://www2.fireeye.com/rs/fireye/images/rpt-apt30.pdf" "https://www2.fireeye.com/rs/fireye/images/rpt-apt30.pdf", "https://attack.mitre.org/wiki/Group/G0013"
] ],
"synonyms": ["APT 30"],
"country": "CN"
}, },
"value": "APT30" "value": "APT30",
"description": "APT30 is a threat group suspected to be associated with the Chinese government. While Naikon shares some characteristics with APT30, the two groups do not appear to be exact matches."
}, },
{ {
"meta": { "meta": {
@ -1256,5 +1258,5 @@
], ],
"description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.", "description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
"uuid": "7cdff317-a673-4474-84ec-4f1754947823", "uuid": "7cdff317-a673-4474-84ec-4f1754947823",
"version": 9 "version": 10
} }