mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
[threat-actors] Add ResumeLooters
This commit is contained in:
parent
6ddf39e1ae
commit
d3f5a26ec0
1 changed files with 10 additions and 0 deletions
|
@ -15208,6 +15208,16 @@
|
||||||
},
|
},
|
||||||
"uuid": "c74f78d1-3728-4bb9-b84f-0e46d2e870b2",
|
"uuid": "c74f78d1-3728-4bb9-b84f-0e46d2e870b2",
|
||||||
"value": "ProCC"
|
"value": "ProCC"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Since the beginning of 2023, ResumeLooters have been able to compromise at least 65 websites. The group employs a variety of simple techniques, including SQL injection and XSS. The threat actor attempted to insert XSS scripts into all available forms, aiming to execute it on the administrators’ device to obtain admin credentials. While the group was able to execute the XSS script on some visitors’ devices with administrative access, allowing ResumeLooters to steal the HTML code of the pages the victims were visiting, Group-IB did not find any confirmation of admin credential thefts.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.group-ib.com/blog/resumelooters/"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "76dbe26b-8b39-40f5-bc2b-9620004f388e",
|
||||||
|
"value": "ResumeLooters"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 301
|
"version": 301
|
||||||
|
|
Loading…
Reference in a new issue