mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-29 18:27:19 +00:00
[threat-actors] Add Pink Sandstorm
This commit is contained in:
parent
22d3ea5ebf
commit
ae82f07fd8
1 changed files with 23 additions and 0 deletions
|
@ -14499,6 +14499,29 @@
|
|||
},
|
||||
"uuid": "5ec7a98e-9725-4f87-8a6e-91e2b4ba04ac",
|
||||
"value": "Storm-1044"
|
||||
},
|
||||
{
|
||||
"description": "Agonizing Serpens is an Iranian-linked APT group that has been active since 2020. They are known for their destructive wiper and fake-ransomware attacks, primarily targeting Israeli organizations in the education and technology sectors. The group has strong connections to Iran's Ministry of Intelligence and Security and has been observed using various tools and techniques to bypass security measures. They aim to steal sensitive information, including PII and intellectual property, and inflict damage by wiping endpoints.",
|
||||
"meta": {
|
||||
"country": "IR",
|
||||
"refs": [
|
||||
"https://www.oodaloop.com/archive/2024/01/02/critical-infrastructure-remains-the-brass-ring-for-cyber-attackers-in-2024/",
|
||||
"https://unit42.paloaltonetworks.com/agonizing-serpens-targets-israeli-tech-higher-ed-sectors/",
|
||||
"https://socprime.com/blog/agonizing-serpens-attack-detection-iran-backed-hackers-target-israeli-tech-firms-and-educational-institutions/",
|
||||
"https://therecord.media/iran-linked-hackers-target-israel-education-tech-sectors",
|
||||
"https://www.enigmasoftware.com/moneybirdransomware-removal/",
|
||||
"https://research.checkpoint.com/2023/agrius-deploys-moneybird-in-targeted-attacks-against-israeli-organizations/"
|
||||
],
|
||||
"synonyms": [
|
||||
"AMERICIUM",
|
||||
"BlackShadow",
|
||||
"DEV-0022",
|
||||
"Agrius",
|
||||
"Agonizing Serpens"
|
||||
]
|
||||
},
|
||||
"uuid": "0876c327-c82a-45f7-82fa-267c312ceb05",
|
||||
"value": "Pink Sandstorm"
|
||||
}
|
||||
],
|
||||
"version": 298
|
||||
|
|
Loading…
Reference in a new issue