[threat-actors] Add Cotton Sandstorm

This commit is contained in:
Mathieu4141 2024-01-22 10:01:13 -08:00
parent b61a0a60a2
commit b8a504c174

View file

@ -14094,6 +14094,25 @@
}, },
"uuid": "6a77a337-bfa0-416c-8c06-1d489d0d6838", "uuid": "6a77a337-bfa0-416c-8c06-1d489d0d6838",
"value": "Caliente Bandits" "value": "Caliente Bandits"
},
{
"description": "Cotton Sandstorm is an Iranian threat actor involved in hack-and-leak operations. They have targeted various organizations, including the French satirical magazine Charlie Hebdo, where they obtained and leaked personal information of over 200,000 customers. The group has been linked to the Iranian government and has been sanctioned by the US Treasury",
"meta": {
"country": "IR",
"refs": [
"https://blog.sekoia.io/iran-cyber-threat-overview/",
"https://blogs.microsoft.com/on-the-issues/2023/02/03/dtac-charlie-hebdo-hack-iran-neptunium/",
"https://www.ic3.gov/Media/News/2022/220126.pdf",
"https://www.microsoft.com/en-us/security/business/security-insider/threat-briefs/iran-response-for-charlie-hebdo-attacks/"
],
"synonyms": [
"Emennet Pasargad",
"Holy Souls",
"NEPTUNIUM"
]
},
"uuid": "bbb389f2-344f-4ca8-a9c9-902061f88deb",
"value": "Cotton Sandstorm"
} }
], ],
"version": 297 "version": 297