mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-22 23:07:19 +00:00
[threat-actors] Add Awaken Likho
This commit is contained in:
parent
d6ade514bc
commit
dfe6e6dfab
1 changed files with 14 additions and 0 deletions
|
@ -16932,6 +16932,20 @@
|
||||||
},
|
},
|
||||||
"uuid": "afca4b9c-2bdb-47ef-becc-1d5683d3d2fb",
|
"uuid": "afca4b9c-2bdb-47ef-becc-1d5683d3d2fb",
|
||||||
"value": "SkidSec"
|
"value": "SkidSec"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Awaken Likho is an APT group that has targeted Russian government agencies and industrial enterprises, employing techniques such as information gathering via search engines and using MeshCentral for remote access. The group has been active since at least December 2021 and has ramped up its activities following the Russo-Ukrainian conflict. Recent reports indicate that they are focusing on espionage against critical infrastructure in the defense and energy sectors. Analysis of their malware reveals a new version that is still in development, suggesting ongoing operational capabilities.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://securelist.com/awaken-likho-apt-new-implant-campaign/114101/",
|
||||||
|
"https://bi.zone/eng/expertise/blog/core-werewolf-protiv-opk-i-kriticheskoy-infrastruktury/"
|
||||||
|
],
|
||||||
|
"synonyms": [
|
||||||
|
"Core Werewolf"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "b3a4c34f-0ad6-4083-938a-958deb34b6c7",
|
||||||
|
"value": "Awaken Likho"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 316
|
"version": 316
|
||||||
|
|
Loading…
Reference in a new issue