MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-26 16:57:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

[threat-actors] Add FlyingYeti

Browse source
This commit is contained in:
Mathieu4141 2024-06-06 01:27:06 -07:00
parent eec91d1465
commit b5f257c4e1
1 changed files with 11 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
clusters/threat-actor.json
View file

@ -16045,6 +16045,17 @@
}, },
"uuid": "ee13ddb3-e8c0-4568-b56c-82d82c30f48b", "uuid": "ee13ddb3-e8c0-4568-b56c-82d82c30f48b",
"value": "StucxTeam" "value": "StucxTeam"
},
{
"description": "FlyingYeti is a Russia-aligned threat actor targeting Ukrainian military entities. They conduct reconnaissance activities and launch phishing campaigns using malware like COOKBOX. FlyingYeti exploits the WinRAR vulnerability CVE-2023-38831 to infect targets with malicious payloads. Cloudforce One has successfully disrupted their operations and provided recommendations for defense against their phishing campaigns.",
"meta": {
"country": "RU",
"refs": [
"https://blog.cloudflare.com/disrupting-flyingyeti-campaign-targeting-ukraine"
]
},
"uuid": "1dcbad05-c5b7-4ec3-8920-45f396554f7a",
"value": "FlyingYeti"
} }
], ],
"version": 310 "version": 310