mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-22 23:07:19 +00:00
[threat-actors] Add CRYSTALRAY
This commit is contained in:
parent
d77d3398ab
commit
a944be0d25
1 changed files with 10 additions and 0 deletions
|
@ -16368,6 +16368,16 @@
|
||||||
},
|
},
|
||||||
"uuid": "df584835-97da-4e27-ab35-bcd3c5bf7815",
|
"uuid": "df584835-97da-4e27-ab35-bcd3c5bf7815",
|
||||||
"value": "Void Banshee"
|
"value": "Void Banshee"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "CRYSTALRAY is a threat actor known for leveraging open source tools like zmap and SSH-Snake to conduct widespread vulnerability scanning and exploitation. They target victims to collect and sell credentials, deploy cryptominers, and maintain persistence in compromised environments. CRYSTALRAY uses multiple backdoors to control access and spreads through victim networks using SSH-Snake. The actor also uses tools like Platypus for managing victims and extracting sensitive information from compromised systems.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://sysdig.com/blog/crystalray-rising-threat-actor-exploiting-oss-tools/"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "feeab818-a9bd-4bff-9923-bf8421abd6c5",
|
||||||
|
"value": "CRYSTALRAY"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 312
|
"version": 312
|
||||||
|
|
Loading…
Reference in a new issue