Add threat actor group Scarab

This commit is contained in:
Mathieu Beligon 2022-03-28 12:11:34 +02:00
parent 94c3788089
commit c35fad3291

View file

@ -9051,6 +9051,24 @@
}, },
"uuid": "d9e5be22-1a04-4956-af6c-37af02330980", "uuid": "d9e5be22-1a04-4956-af6c-37af02330980",
"value": "LAPSUS" "value": "LAPSUS"
},
{
"description": "Scarab APT was first spotted in 2015, but is believed to have been active since at least 2012, conducting surgical attacks against a small number of individuals across the world, including Russia and the United States. The backdoor deployed by Scarab in their campaigns is most commonly known as Scieron.",
"meta": {
"cfr-suspected-victims": [
"Russia",
"Ukraine",
"United States"
],
"cfr-type-of-incident": "Espionage",
"country": "CN",
"refs": [
"https://web.archive.org/web/20150124025612/http://www.symantec.com:80/connect/blogs/scarab-attackers-took-aim-select-russian-targets-2012",
"https://www.sentinelone.com/labs/chinese-threat-actor-scarab-targeting-ukraine"
]
},
"uuid": "ef59014b-79bb-408f-97f1-3c585a240ca7",
"value": "Scarab"
} }
], ],
"version": 215 "version": 215