From bd05eb0bba6d732a4cd35d4ad4ed90072d8b7912 Mon Sep 17 00:00:00 2001 From: Thomas Dupuy Date: Mon, 11 Apr 2022 17:03:19 +0000 Subject: [PATCH] upd: [cluster] add Threat Actor BladeHawk. --- clusters/threat-actor.json | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index f81a8a9..c5a7b6d 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -9104,7 +9104,27 @@ }, "uuid": "ef59014b-79bb-408f-97f1-3c585a240ca7", "value": "Scarab" + }, + { + "description": "", + "meta": { + "cfr-suspected-victims": [ + "Kurdistan" + ], + "cfr-target-category": [ + "Government" + ], + "cfr-type-of-incident": "Espionage", + "refs": [ + "https://www.welivesecurity.com/2021/09/07/bladehawk-android-espionage-kurdish/", + "https://telegra.ph/Discover-Malware-Android-03-26", + "https://ti.qianxin.com/blog/articles/Blade-hawk-The-activities-of-targeted-the-Middle-East-and-West-Asia-are-exposed/" + ], + "synonyms": [] + }, + "uuid": "0d72c57c-73e3-4739-8144-c8055cabd7dc", + "value": "BladeHawk" } ], - "version": 216 + "version": 217 }