MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-22 14:57:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

KeyBoy malware added

Browse source
This commit is contained in:
Alexandre Dulaunoy 2016-11-21 09:21:55 +01:00
parent 73ea36a29d
commit b38799044d
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
clusters/tools.json
View file

@ -617,6 +617,11 @@
"value": "Explosive",
"description": "Beginning in late 2012, a carefully orchestrated attack campaign we call Volatile Cedar has been targeting individuals, companies and institutions worldwide. This campaign, led by a persistent attacker group, has successfully penetrated a large number of targets using various attack techniques, and specifically, a custom-made malware implant codenamed Explosive. ",
"refs": ["https://www.checkpoint.com/downloads/volatile-cedar-technical-report.pdf"]
},
{
"value": "KeyBoy",
"description": "The actors used a new version of “KeyBoy,” a custom backdoor first disclosed by researchers at Rapid7 in June 2013. Their work outlined the capabilities of the backdoor, and exposed the protocols and algorithms used to hide the network communication and configuration data",
"refs": ["https://citizenlab.org/2016/11/parliament-keyboy/", "https://community.rapid7.com/community/infosec/blog/2013/06/07/keyboy-targeted-attacks-against-vietnam-and-india"]
}
],
"version": 2,