Update Gamaredon target
parent
27c05a118e
commit
d3d241ca54
1 changed files with 8 additions and 1 deletions
|
@ -4190,6 +4190,12 @@
|
||||||
{
|
{
|
||||||
"description": "Unit 42 threat researchers have recently observed a threat group distributing new, custom developed malware. We have labelled this threat group the Gamaredon Group and our research shows that the Gamaredon Group has been active since at least 2013. In the past, the Gamaredon Group has relied heavily on off-the-shelf tools. Our new research shows the Gamaredon Group have made a shift to custom-developed malware. We believe this shift indicates the Gamaredon Group have improved their technical capabilities.",
|
"description": "Unit 42 threat researchers have recently observed a threat group distributing new, custom developed malware. We have labelled this threat group the Gamaredon Group and our research shows that the Gamaredon Group has been active since at least 2013. In the past, the Gamaredon Group has relied heavily on off-the-shelf tools. Our new research shows the Gamaredon Group have made a shift to custom-developed malware. We believe this shift indicates the Gamaredon Group have improved their technical capabilities.",
|
||||||
"meta": {
|
"meta": {
|
||||||
|
"cfr-suspected-victims": [
|
||||||
|
"Ukraine"
|
||||||
|
],
|
||||||
|
"cfr-target-category": [
|
||||||
|
"Government"
|
||||||
|
],
|
||||||
"refs": [
|
"refs": [
|
||||||
"http://researchcenter.paloaltonetworks.com/2017/02/unit-42-title-gamaredon-group-toolset-evolution",
|
"http://researchcenter.paloaltonetworks.com/2017/02/unit-42-title-gamaredon-group-toolset-evolution",
|
||||||
"https://www.lookingglasscyber.com/wp-content/uploads/2015/08/Operation_Armageddon_Final.pdf",
|
"https://www.lookingglasscyber.com/wp-content/uploads/2015/08/Operation_Armageddon_Final.pdf",
|
||||||
|
@ -4200,7 +4206,8 @@
|
||||||
"https://www.welivesecurity.com/2020/06/18/digging-up-invisimole-hidden-arsenal/",
|
"https://www.welivesecurity.com/2020/06/18/digging-up-invisimole-hidden-arsenal/",
|
||||||
"https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/shuckworm-gamaredon-espionage-ukraine",
|
"https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/shuckworm-gamaredon-espionage-ukraine",
|
||||||
"https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/",
|
"https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/",
|
||||||
"https://www.welivesecurity.com/2020/06/11/gamaredon-group-grows-its-game/"
|
"https://www.welivesecurity.com/2020/06/11/gamaredon-group-grows-its-game/",
|
||||||
|
"https://unit42.paloaltonetworks.com/gamaredon-primitive-bear-ukraine-update-2021/"
|
||||||
],
|
],
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"Primitive Bear",
|
"Primitive Bear",
|
||||||
|
|
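Review bot: The added `cfr-suspected-victims` and `cfr-target-category` arrays have no visible source for their values, because the only reference added with them is the Unit 42 article, while the `cfr-` prefix appears to mark data taken from the CFR Cyber Operations Tracker. If the values come from the tracker, its entry for this group belongs in `refs`; if they were derived from the Unit 42 update, the commit message should say so, so that analysts can weigh the targeting claim. On the new side nothing sits between `"meta": {` and `"refs"` except these two keys, so, assuming keys are kept sorted, the entry still has no `cfr-suspected-state-sponsor` or `country` to pair with the victim data. Several references already listed describe targeting of Ukrainian organizations more broadly, so it is worth confirming that `"Government"` alone is the intended category. The cluster object starts and ends outside both hunks.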