From d9f98b52dad98049e191316dca68822eec814d96 Mon Sep 17 00:00:00 2001
From: Mathieu4141 <mathieu@feedly.com>
Date: Fri, 1 Nov 2024 10:43:27 -0700
Subject: [PATCH] [threat-actors] Add OverFlame

---
 clusters/threat-actor.json | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 50bfb16..e07cb1c 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -17050,6 +17050,17 @@
       },
       "uuid": "a86b67d2-fc94-4c1b-91e1-949c969176ed",
       "value": "LulzSec Black"
+    },
+    {
+      "description": "OverFlame is a hacktivist group known for executing DDoS attacks and website defacements, primarily targeting government institutions and corporations in Europe and North America. The group has been involved in coordinated attacks alongside other pro-Russian threat actors, such as NoName057and the People’s Cyber Army, often motivated by anti-government and anti-corporate sentiments. OverFlame operates through underground forums and encrypted messaging platforms to coordinate attacks and recruit members. Their activities have included targeting financial services, political parties, and educational institutions, demonstrating a focus on disrupting critical infrastructure.",
+      "meta": {
+        "refs": [
+          "https://socradar.io/biggest-education-industry-attacks-in-2024/",
+          "https://www.scworld.com/brief/austria-subjected-to-pro-russian-ddos-intrusions"
+        ]
+      },
+      "uuid": "8bd29f1a-ea33-49c2-a783-42cd2a193f83",
+      "value": "OverFlame"
     }
   ],
   "version": 318