mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-29 18:27:19 +00:00
Merging APT23 & Tropic Trooper
This commit is contained in:
parent
74ea81f2b6
commit
d6bf42254f
1 changed files with 11 additions and 22 deletions
|
@ -608,26 +608,6 @@
|
||||||
"uuid": "9a683d9c-8f7d-43df-bba2-ad0ca71e277c",
|
"uuid": "9a683d9c-8f7d-43df-bba2-ad0ca71e277c",
|
||||||
"value": "Wekby"
|
"value": "Wekby"
|
||||||
},
|
},
|
||||||
{
|
|
||||||
"description": "TrendMicro described Tropic Trooper in a 2015 report as: 'Taiwan and the Philippines have become the targets of an ongoing campaign called Operation TropicTrooper. Active since 2012, the attackers behind the campaign haveset their sights on the Taiwanese government as well as a number of companies in the heavy industry. The same campaign has also targeted key Philippine military agencies.'",
|
|
||||||
"meta": {
|
|
||||||
"refs": [
|
|
||||||
"http://researchcenter.paloaltonetworks.com/2016/11/unit42-tropic-trooper-targets-taiwanese-government-and-fossil-fuel-provider-with-poison-ivy/",
|
|
||||||
"http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-operation-tropic-trooper.pdf",
|
|
||||||
"https://blog.trendmicro.com/trendlabs-security-intelligence/tropic-trooper-new-strategy/",
|
|
||||||
"https://unit42.paloaltonetworks.com/unit42-tropic-trooper-targets-taiwanese-government-and-fossil-fuel-provider-with-poison-ivy/",
|
|
||||||
"https://blog.lookout.com/titan-mobile-threat",
|
|
||||||
"https://attack.mitre.org/groups/G0081/"
|
|
||||||
],
|
|
||||||
"synonyms": [
|
|
||||||
"Operation Tropic Trooper",
|
|
||||||
"Operation TropicTrooper",
|
|
||||||
"TropicTrooper"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"uuid": "4fd409a9-db86-46a5-bdf2-b6c8ee397a89",
|
|
||||||
"value": "Tropic Trooper"
|
|
||||||
},
|
|
||||||
{
|
{
|
||||||
"description": "The Winnti grouping of activity is large and may actually be a number of linked groups rather than a single discrete entity. Kaspersky describe Winnti as: 'The Winnti group has been attacking companies in the online video game industry since 2009 and is currently still active. The groups objectives are stealing digital certificates signed by legitimate software vendors in addition to intellectual property theft, including the source code of online game projects. The majority of the victims are from South East Asia.'",
|
"description": "The Winnti grouping of activity is large and may actually be a number of linked groups rather than a single discrete entity. Kaspersky describe Winnti as: 'The Winnti group has been attacking companies in the online video game industry since 2009 and is currently still active. The groups objectives are stealing digital certificates signed by legitimate software vendors in addition to intellectual property theft, including the source code of online game projects. The majority of the victims are from South East Asia.'",
|
||||||
"meta": {
|
"meta": {
|
||||||
|
@ -1668,18 +1648,27 @@
|
||||||
"value": "Temper Panda"
|
"value": "Temper Panda"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
"description": "TrendMicro described Tropic Trooper in a 2015 report as: 'Taiwan and the Philippines have become the targets of an ongoing campaign called Operation TropicTrooper. Active since 2012, the attackers behind the campaign haveset their sights on the Taiwanese government as well as a number of companies in the heavy industry. The same campaign has also targeted key Philippine military agencies.'",
|
||||||
"meta": {
|
"meta": {
|
||||||
"attribution-confidence": "50",
|
"attribution-confidence": "50",
|
||||||
"country": "CN",
|
"country": "CN",
|
||||||
"refs": [
|
"refs": [
|
||||||
"https://blog.rapid7.com/2013/06/07/keyboy-targeted-attacks-against-vietnam-and-india/",
|
"https://blog.rapid7.com/2013/06/07/keyboy-targeted-attacks-against-vietnam-and-india/",
|
||||||
"http://www.crowdstrike.com/blog/rhetoric-foreshadows-cyber-activity-in-the-south-china-sea/",
|
"http://www.crowdstrike.com/blog/rhetoric-foreshadows-cyber-activity-in-the-south-china-sea/",
|
||||||
"https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf"
|
"https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf",
|
||||||
|
"http://researchcenter.paloaltonetworks.com/2016/11/unit42-tropic-trooper-targets-taiwanese-government-and-fossil-fuel-provider-with-poison-ivy/",
|
||||||
|
"http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-operation-tropic-trooper.pdf",
|
||||||
|
"https://blog.trendmicro.com/trendlabs-security-intelligence/tropic-trooper-new-strategy/",
|
||||||
|
"https://unit42.paloaltonetworks.com/unit42-tropic-trooper-targets-taiwanese-government-and-fossil-fuel-provider-with-poison-ivy/",
|
||||||
|
"https://blog.lookout.com/titan-mobile-threat",
|
||||||
|
"https://attack.mitre.org/groups/G0081/"
|
||||||
],
|
],
|
||||||
"synonyms": [
|
"synonyms": [
|
||||||
"APT23",
|
"APT23",
|
||||||
"APT 23",
|
"APT 23",
|
||||||
"KeyBoy"
|
"KeyBoy",
|
||||||
|
"TropicTrooper",
|
||||||
|
"Tropic Trooper"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"uuid": "7f16d1f5-04ee-4d99-abf0-87e1f23f9fee",
|
"uuid": "7f16d1f5-04ee-4d99-abf0-87e1f23f9fee",
|
||||||
|
|
Loading…
Reference in a new issue