MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-22 23:07:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

[threat-actors] Add Gitloker

Browse source
This commit is contained in:
Mathieu4141 2024-06-18 04:51:29 -07:00
parent fb177f95db
commit b317c4ff6b
1 changed files with 11 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
clusters/threat-actor.json
View file

@ -16099,6 +16099,17 @@
}, },
"uuid": "fd17cd3c-5131-4907-be7d-83a0c7dabd36", "uuid": "fd17cd3c-5131-4907-be7d-83a0c7dabd36",
"value": "UTG-Q-008" "value": "UTG-Q-008"
},
{
"description": "Gitloker is a threat actor group targeting GitHub repositories, wiping their contents, and extorting victims for their data. They use stolen credentials to compromise accounts, claim to have created a backup, and instruct victims to contact them on Telegram. The attackers leave a ransom note in the form of a README file, urging victims to negotiate the return of their data. GitHub is working to combat these evolving attacks and the vulnerabilities they exploit.",
"meta": {
"refs": [
"https://www.itsecurityguru.org/2024/06/13/guest-blog-proactive-application-security-learning-from-the-recent-github-extortion-campaigns/",
"https://www.bleepingcomputer.com/news/security/new-gitloker-attacks-wipe-github-repos-in-extortion-scheme/"
]
},
"uuid": "75cc313a-6a95-4ab8-b7f8-bfd7e4a7fe00",
"value": "Gitloker"
} }
], ],
"version": 310 "version": 310