[threat-actors] Add FlyingYeti

This commit is contained in:
Mathieu4141 2024-06-06 01:27:06 -07:00
parent eec91d1465
commit b5f257c4e1

View file

@ -16045,6 +16045,17 @@
}, },
"uuid": "ee13ddb3-e8c0-4568-b56c-82d82c30f48b", "uuid": "ee13ddb3-e8c0-4568-b56c-82d82c30f48b",
"value": "StucxTeam" "value": "StucxTeam"
},
{
"description": "FlyingYeti is a Russia-aligned threat actor targeting Ukrainian military entities. They conduct reconnaissance activities and launch phishing campaigns using malware like COOKBOX. FlyingYeti exploits the WinRAR vulnerability CVE-2023-38831 to infect targets with malicious payloads. Cloudforce One has successfully disrupted their operations and provided recommendations for defense against their phishing campaigns.",
"meta": {
"country": "RU",
"refs": [
"https://blog.cloudflare.com/disrupting-flyingyeti-campaign-targeting-ukraine"
]
},
"uuid": "1dcbad05-c5b7-4ec3-8920-45f396554f7a",
"value": "FlyingYeti"
} }
], ],
"version": 310 "version": 310