Merge branch 'nyx0-main' into main

2024-11-22 23:07:19 +00:00 · 2022-09-27 08:18:38 +02:00 · 2022-09-27 08:18:38 +02:00 · d5ecb73b90
commit d5ecb73b90
parent e259458d5a c3b65a2d15
1 changed files with 29 additions and 1 deletions
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@ -9797,7 +9797,35 @@
      ],
      "uuid": "ecf4d7cb-9bf7-4d9d-8450-c99e885b9aac",
      "value": "BITWISE SPIDER"
+    },
+    {
+      "description": "Void Balaur is a highly active hack-for-hire / cyber mercenary group with a wide range of known target types across the globe. Their services have been observed for sale to the public online since at least 2016. Services include the collection of private data and access to specific online email and social media services, such as Gmail, Outlook, Telegram, Yandex, Facebook, Instagram, and business emails.",
+      "meta": {
+        "cfr-suspected-victims": [
+          "Brazil",
+          "Central African Republic",
+          "Georgia",
+          "Kazakhstan",
+          "Moldova",
+          "Russia",
+          "Spain",
+          "Sudan",
+          "Taiwan",
+          "Ukraine",
+          "United Kingdom",
+          "United States"
+        ],
+        "refs": [
+          "https://www.sentinelone.com/labs/the-sprawling-infrastructure-of-a-careless-mercenary/",
+          "https://blog.google/threat-analysis-group/countering-hack-for-hire-groups/",
+          "https://documents.trendmicro.com/assets/white_papers/wp-void-balaur-tracking-a-cybermercenarys-activities.pdf",
+          "https://www.amnesty.org/en/latest/research/2020/03/targeted-surveillance-attacks-in-uzbekistan-an-old-threat-with-new-techniques/",
+          "https://equalit.ie/deflect-labs-report-6/"
+        ]
+      },
+      "uuid": "ca310f0a-1131-4c67-b0a7-f1cd4ce0f87f",
+      "value": "Void Balaur"
    }
  ],
-  "version": 247
+  "version": 248
 }