diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index a2ba1b3..7970ccc 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -15981,6 +15981,19 @@ }, "uuid": "53ac2695-35ba-4ab2-a5cd-48ca533f1b72", "value": "Void Manticore" + }, + { + "description": "ALPHA SPIDER is a threat actor known for developing and operating the Alphv ransomware as a service. They have been observed using novel offensive techniques, such as exploiting software vulnerabilities and leveraging legitimate administration tools for malicious activities. ALPHA SPIDER affiliates have demonstrated persistence in exfiltrating data and have shown the ability to bypass security measures like DNS-based filtering and multifactor authentication. Despite lacking specific operational security measures, defenders have opportunities to detect and respond to ALPHA SPIDER's operations effectively.", + "meta": { + "refs": [ + "https://www.crowdstrike.com/blog/anatomy-of-alpha-spider-ransomware/" + ], + "synonyms": [ + "ALPHV Ransomware Group" + ] + }, + "uuid": "6149f3b6-510d-4e45-bf88-cd25c7193702", + "value": "Alpha Spider" } ], "version": 309