mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-23 07:17:17 +00:00
[threat-actors] Add Caramel Tsunami
parent
ac0fdd61ea
commit
d1dae2085b
1 changed files with 19 additions and 0 deletions
|
@ -14254,6 +14254,25 @@
|
||||||
},
|
},
|
||||||
"uuid": "7db46444-2d27-4922-8a21-98f8509476dc",
|
"uuid": "7db46444-2d27-4922-8a21-98f8509476dc",
|
||||||
"value": "UNC4990"
|
"value": "UNC4990"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Caramel Tsunami is a threat actor that specializes in spyware attacks. They have recently resurfaced with an updated toolset and zero-day exploits, targeting specific victims through watering hole attacks. Candiru has been observed exploiting vulnerabilities in popular browsers like Google Chrome and using third-party signed drivers to gain access to the Windows kernel. They have also been linked to other spyware vendors and have been associated with extensive abuses of their surveillance tools.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://decoded.avast.io/threatresearch/avast-q2-2022-threat-report/",
|
||||||
|
"https://decoded.avast.io/janvojtesek/the-return-of-candiru-zero-days-in-the-middle-east/",
|
||||||
|
"https://citizenlab.ca/2022/04/catalangate-extensive-mercenary-spyware-operation-against-catalans-using-pegasus-candiru/",
|
||||||
|
"https://citizenlab.ca/2021/12/pegasus-vs-predator-dissidents-doubly-infected-iphone-reveals-cytrox-mercenary-spyware/",
|
||||||
|
"https://www.welivesecurity.com/2021/11/16/strategic-web-compromises-middle-east-pinch-candiru/",
|
||||||
|
"https://www.microsoft.com/en-us/security/blog/2021/07/15/protecting-customers-from-a-private-sector-offensive-actor-using-0-day-exploits-and-devilstongue-malware/"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"SOURGUM",
|
||||||
|
"Candiru"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "062938a2-6fa1-4217-ad73-f5e0b5186966",
|
||||||
|
"value": "Caramel Tsunami"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 298
|
"version": 298
|
||||||
|
|
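Review bot: The added `description` switches from "Caramel Tsunami" to "Candiru" in its third sentence without saying they are the same actor, so anyone reading the description without `meta.synonyms` cannot tell that it describes one entity; opening with `Caramel Tsunami (also tracked as Candiru and SOURGUM) is a threat actor that specializes in spyware attacks.` would fix that. In `refs`, the Citizen Lab "pegasus-vs-predator" URL names Cytrox rather than Candiru in its slug, so it presumably backs only the "linked to other spyware vendors" sentence and is worth confirming as a source for this cluster. Analysts match and tag on synonyms, so it is also worth checking that no existing cluster in this file already lists `SOURGUM` or `Candiru` as a value or synonym, which this hunk cannot show.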