From c82f1a4dc8ced3d5ca4d859d30a038b2b9740513 Mon Sep 17 00:00:00 2001
From: Mathieu4141
Date: Fri, 28 Jun 2024 02:17:32 -0700
Subject: [PATCH] [threat-actors] Add Boolka
---
 clusters/threat-actor.json | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 71c6405..10baf5a 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -16312,6 +16312,16 @@
 },
 "uuid": "a4d55f94-d842-400a-acb6-dfee1c446257",
 "value": "Dragonbridge"
+ },
+ {
+ "description": "Boolka is a threat actor known for infecting websites with malicious JavaScript scripts for data exfiltration. They have been carrying out opportunistic SQL injection attacks since at least 2022. Boolka has developed a malware delivery platform based on the BeEF framework and has been distributing the BMANAGER trojan. Their activities demonstrate a progression from basic website infections to more sophisticated malware operations.",
+ "meta": {
+ "refs": [
+ "https://www.group-ib.com/blog/boolka/"
+ ]
+ },
+ "uuid": "99ad0cef-c53a-44d5-85d4-5459e59a06d5",
+ "value": "Boolka"
 }
 ],
 "version": 312
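Review bot: The file-level `"version": 312` in the trailing context is left unchanged even though the hunk adds a new cluster entry for Boolka. Consumers that key galaxy updates on this number (MISP compares it before re-importing a cluster file) may not pick up the new entry, so tagging and correlation built on it would silently miss the actor. Unless a later commit in the same series bumps it, change the line to `"version": 313`. The values array and the enclosing object start outside the hunk, so whether the new `uuid` or `value` collides with an existing entry cannot be checked from here.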