diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index d0ebb86..b5c6426 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -12524,6 +12524,22 @@ }, "uuid": "7133a722-088c-4d5a-b2e0-a1f9915f807d", "value": "SharpPanda" + }, + { + "description": "Guacamaya has conducted multiple hack and leak campaigns against military and police agencies and mining companies across Latin America, which they believe have played a role in the region’s environmental degradation and repression of native populations.", + "meta": { + "refs": [ + "https://cyberscoop.com/environmentalist-hacktivist-collective-mining-company/", + "https://srslyriskybiz.substack.com/p/recent-cyber-chaos-is-a-structural", + "https://finance.yahoo.com/news/analysis-mexico-data-hack-exposes-003101651.html", + "https://www.redpacketsecurity.com/guacamaya-hacktivists-stole-sensitive-data-from-mexico-and-latin-american-countries/", + "https://research.checkpoint.com/2022/3rd-october-threat-intelligence-report/", + "https://www.cyberscoop.com/central-american-hacking-group-releases-emails/", + "https://therecord.media/mexican-army-spyware" + ] + }, + "uuid": "51f056f5-b596-446e-9394-a310af4e2e75", + "value": "Guacamaya" } ], "version": 292