[threat-actors] Add APT73

This commit is contained in:
Mathieu4141 2024-11-12 06:58:59 -08:00
parent 55839a8edd
commit da11e5ca09

View file

@ -17359,6 +17359,27 @@
}, },
"uuid": "09aa3edb-e956-43f0-9fcb-a3154b47d202", "uuid": "09aa3edb-e956-43f0-9fcb-a3154b47d202",
"value": "WageMole" "value": "WageMole"
},
{
"description": "APT73 is a ransomware group that has publicly identified 12 victims and launched its data leak site on April 25th. The DLS bears a striking resemblance to that of LockBit, likely to leverage LockBit's reputation and attract potential affiliates. The rationale for this design mimicry is unclear, but it may be intended to signal operational parity with LockBit to inspire trust among low-level criminals. APT73 was formed by an alleged former LockBit affiliate following law enforcement's \"Operation Cronos\" in February 2024.",
"meta": {
"refs": [
"https://quointelligence.eu/2024/06/analyzing-shift-in-ransomware-dynamics/",
"https://www.redpacketsecurity.com/apt73-ransomware-victim-www-baldinger-ag-ch/",
"https://www.redpacketsecurity.com/apt73-ransomware-victim-www-scopeset-de/",
"https://www.redpacketsecurity.com/apt73-ransomware-victim-hpecds-com/",
"https://www.redpacketsecurity.com/apt73-ransomware-victim-www-trinitesolutions-com/",
"https://www.redpacketsecurity.com/apt73-ransomware-victim-modplan-co-uk/",
"https://www.redpacketsecurity.com/apt73-ransomware-victim-mgfsourcing-com/",
"https://www.redpacketsecurity.com/apt73-ransomware-victim-www-legilog-fr/",
"https://www.redpacketsecurity.com/apt73-ransomware-victim-sokkakreatif-com/"
],
"synonyms": [
"Eraleig"
]
},
"uuid": "84bf7b38-e120-44c9-bfdd-82740593a6c6",
"value": "APT73"
} }
], ],
"version": 320 "version": 320