Merge pull request #868 from Mathieu4141/threat-actors/add-scattered-ta

[threat-actors] Add Scattered Canary and Scattered Spider
Alexandre Dulaunoy 2023-10-02 19:58:43 +02:00 committed by GitHub
commit dc8f7e455a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23


@ -11766,7 +11766,38 @@
], ],
"uuid": "8cb6f57b-9ebb-45a6-a89f-9efdb8065d70", "uuid": "8cb6f57b-9ebb-45a6-a89f-9efdb8065d70",
"value": "Storm-0324" "value": "Storm-0324"
},
{
"description": "When the first member of Scattered Canary, who, for the purposes of this report, we call\nAlpha, began his operations, he was a lone wolf—working mostly Craigslist scams as he learned\nthe tricks of the trade from a mentor. However, within a few years, he had honed his craft\nenough to expand into romance scams, where he met his first “employee,” Beta. Once they\nhad secured enough mules via their romance scams to launder their stolen money, they shifted\nfrom targeting individuals to targeting enterprises, and the groups BEC operation was born.",
"meta": {
"country": "Nigeria",
"motive": "Cybercrime",
"references": [
"https://cofense.com/blog/gift-card-fraud-ecosystem-shifts-what-paxfuls-closing-means-for-business-email-compromise/",
"https://static.fortra.com/agari/pdfs/guide/ag-scattered-canary-gd.pdf",
"https://www.agari.com/blog/covid-19-unemployment-fraud-cares-act?_gl=1%2Ayzg6ns%2A_ga%2AMTkyMzIyOTI4MC4xNjk2MjUyMDA2%2A_ga_NHMHGJWX49%2AMTY5NjI1MjAwNS4xLjAuMTY5NjI1MjAwNS42MC4wLjA.&utm_source=press-release&utm_medium=prnewswire&utm_campaign=scattered20"
]
},
"uuid": "fde2d0f9-ed23-4cdc-96d3-f0a01f804707",
"value": "Scattered Canary"
},
{
"description": "Scattered Spider, a highly active hacking group, has made headlines by targeting more than 130 organizations, with the number of victims steadily increasing.",
"meta": {
"references": [
"https://www.cybersecurity-insiders.com/scattered-spider-managed-mgm-resort-network-outage-brings-8m-loss-daily/",
"https://www.loginradius.com/blog/identity/oktapus-phishing-targets-okta-identity-credentials/"
],
"synonyms": [
"UNC3944",
"Muddled Libra",
"Oktapus",
"Scattered Swine"
]
},
"uuid": "3b238f3a-c67a-4a9e-b474-dc3897e00129",
"value": "Scattered Spider"
} }
], ],
"version": 282 "version": 283
} }
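Review bot: The third reference in the new Scattered Canary entry is committed with its tracking query string (`?_gl=…&utm_source=press-release&utm_medium=prnewswire&utm_campaign=scattered20`), so the cluster stores analytics linker and campaign parameters instead of the canonical article address, and consumers that deduplicate or correlate on reference URLs will not match it against the clean form. I would store it as `"https://www.agari.com/blog/covid-19-unemployment-fraud-cares-act"`. In the same entry the description keeps hard `\n` line breaks copied from the source report and reads `the groups BEC operation` where `the group's` is meant. The Scattered Spider entry has no `country` or `motive` key, unlike the entry added just above it; if that is deliberate because attribution is unsettled it is fine, otherwise the two new entries are inconsistent.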