[threat-actors] Add KelvinSecurity

2024-11-22 23:07:19 +00:00 · 2024-01-08 05:23:28 -08:00 · 2024-01-08 05:23:28 -08:00 · ce4be94d8b
commit ce4be94d8b
parent 05f260c9d8
1 changed files with 14 additions and 0 deletions
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@ -13926,6 +13926,20 @@
      },
      "uuid": "ef9f4e6d-4262-4fca-9535-56af9e46281f",
      "value": "Team-Xecuter"
+    },
+    {
+      "description": "KelvinSecurity is a hacker group that has been active since at least 2015. They are known for their hacktivist and black hat activities, targeting public and private organizations globally. The group sells and leaks databases, documents, and access belonging to their victims, often on the dark web or their own platforms. They have been involved in attacks against various sectors, including telecommunications, political parties, and healthcare.",
+      "meta": {
+        "country": "ES",
+        "refs": [
+          "https://securelist.com/kaspersky-security-bulletin-apt-predictions-2024/111048/",
+          "https://www.privacyaffairs.com/kelvinsecurity-hacking-group-morena/",
+          "https://www.databreaches.net/bits-n-pieces-trozos-y-piezas-31/",
+          "https://www.ibtimes.com/anonymous-challenges-russias-supposed-cyber-prowess-repeat-rosatom-breach-leaks-data-3505131"
+        ]
+      },
+      "uuid": "7b8845d9-d7f5-4895-9dcc-54da3492bd55",
+      "value": "KelvinSecurity"
    }
  ],
  "version": 296