[threat-actors] Add DustSquad

2024-11-22 23:07:19 +00:00 · 2023-11-07 14:47:11 +01:00 · 2023-11-07 14:47:11 +01:00 · d1f382602c
commit d1f382602c
parent bc8904110b
1 changed files with 16 additions and 0 deletions
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@ -12540,6 +12540,22 @@
      },
      "uuid": "51f056f5-b596-446e-9394-a310af4e2e75",
      "value": "Guacamaya"
+    },
+    {
+      "description": "Prodaft researchers have published a report on Paperbug, a cyber-espionage campaign carried out by suspected Russian-speaking group Nomadic Octopus and which targeted entities in Tajikistan. According to Prodaft, known compromised victims included high-ranking government officials, telcos, and public service infrastructures. Compromised devices also included OT devices, besides your typical computers, servers, and mobile devices. In typical Prodaft fashion, the company also gained access to one of the group's C&C server backend panels.",
+      "meta": {
+        "aliases": [
+          "Nomadic Octopus"
+        ],
+        "country": "RU",
+        "refs": [
+          "https://securelist.com/octopus-infested-seas-of-central-asia/88200/",
+          "https://www.prodaft.com/m/reports/PAPERBUG_TLPWHITE-1.pdf",
+          "https://www.virusbulletin.com/conference/vb2018/abstracts/nomadic-octopus-cyber-espionage-central-asia/"
+        ]
+      },
+      "uuid": "7b227f41-efea-4dc0-8a2a-148893795ce4",
+      "value": "DustSquad"
    }
  ],
  "version": 292