MISP/misp-galaxy
6
0
Fork 0
mirror of https://github.com/MISP/misp-galaxy.git synced 2024-11-30 02:37:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

add two wipers to tools

Browse source
This commit is contained in:
Deborah Servili 2020-01-14 15:54:06 +01:00
parent 53df69a1eb
commit bfcc867ee6
No known key found for this signature in database
GPG key ID: 7E3A832850D4D7D1
1 changed files with 21 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
clusters/tool.json
View file

@ -7915,7 +7915,27 @@
}, },
"uuid": "a0736351-1721-42ed-a057-19b4b93b585e", "uuid": "a0736351-1721-42ed-a057-19b4b93b585e",
"value": "NBTScan" "value": "NBTScan"
},
{
"description": "ZeroCleare was used to execute a destructive attack that affected organizations in the energy and industrial sectorsin the Middle East. Based on the analysis of the malware and the attackers behavior, we suspect Iran-based nation state adversaries were involved to develop and deploy this new wiper. ",
"meta": {
"refs": [
"https://www.ibm.com/downloads/cas/OAJ4VZNJ"
]
},
"uuid": "40fdcaac-a733-4088-9058-7b15a415b943",
"value": "ZeroCleare"
},
{
"description": "At the heart of the recent Bapco attack is a new strain of malware named Dustman. According to an analysis by Saudi Arabia's cyber-security agency, Dustman is a so-called data wiper -- malware designed to delete data on infected computers, once launched into execution.\nDustman represents the third different data-wiping malware linked to the Tehran regime. Iranian state-backed hackers have a long history of developing data-wiping malware.",
"meta": {
"refs": [
"https://mobile.twitter.com/IntezerLabs/status/1215252764080644098"
]
},
"uuid": "ff692a4c-23ff-4e86-a03b-2de8d36bc98f",
"value": "Dustman"
} }
], ],
"version": 129 "version": 130
} }