[threat-actors] Add Earth Hundun

This commit is contained in:
Mathieu4141 2024-04-17 10:09:09 -07:00
parent 64533dba91
commit bf5dd6e382

View file

@ -15620,6 +15620,17 @@
}, },
"uuid": "2742b229-02f4-40d0-9b99-91844a2b030e", "uuid": "2742b229-02f4-40d0-9b99-91844a2b030e",
"value": "RUBYCARP" "value": "RUBYCARP"
},
{
"description": "Earth Hundun is a cyberespionage threat actor targeting technology and government sectors in the Asia-Pacific region. They are known for using the Waterbear and Deuterbear malware, which have advanced evasion tactics and anti-analysis mechanisms. The group has been active since at least 2009 and continuously refines their malware to bypass antivirus software. Earth Hundun's attacks involve phishing emails, malware droppers, and backdoors to infiltrate organizations and gather intelligence.",
"meta": {
"refs": [
"https://www.trendmicro.com/en_us/research/24/d/earth-hundun-waterbear-deuterbear.html",
"https://blogs.jpcert.or.jp/en/2022/03/jsac2022report1.html"
]
},
"uuid": "edd85e27-9d05-4bc7-9b2b-5422e909336a",
"value": "Earth Hundun"
} }
], ],
"version": 305 "version": 305