diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index b5c6426..2430253 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -12540,6 +12540,22 @@ }, "uuid": "51f056f5-b596-446e-9394-a310af4e2e75", "value": "Guacamaya" + }, + { + "description": "Prodaft researchers have published a report on Paperbug, a cyber-espionage campaign carried out by suspected Russian-speaking group Nomadic Octopus and which targeted entities in Tajikistan. According to Prodaft, known compromised victims included high-ranking government officials, telcos, and public service infrastructures. Compromised devices also included OT devices, besides your typical computers, servers, and mobile devices. In typical Prodaft fashion, the company also gained access to one of the group's C&C server backend panels.", + "meta": { + "aliases": [ + "Nomadic Octopus" + ], + "country": "RU", + "refs": [ + "https://securelist.com/octopus-infested-seas-of-central-asia/88200/", + "https://www.prodaft.com/m/reports/PAPERBUG_TLPWHITE-1.pdf", + "https://www.virusbulletin.com/conference/vb2018/abstracts/nomadic-octopus-cyber-espionage-central-asia/" + ] + }, + "uuid": "7b227f41-efea-4dc0-8a2a-148893795ce4", + "value": "DustSquad" } ], "version": 292