[threat-actors] Add Awaken Likho

This commit is contained in:
Mathieu4141 2024-10-07 03:58:02 -07:00
parent d6ade514bc
commit dfe6e6dfab

View file

@ -16932,6 +16932,20 @@
}, },
"uuid": "afca4b9c-2bdb-47ef-becc-1d5683d3d2fb", "uuid": "afca4b9c-2bdb-47ef-becc-1d5683d3d2fb",
"value": "SkidSec" "value": "SkidSec"
},
{
"description": "Awaken Likho is an APT group that has targeted Russian government agencies and industrial enterprises, employing techniques such as information gathering via search engines and using MeshCentral for remote access. The group has been active since at least December 2021 and has ramped up its activities following the Russo-Ukrainian conflict. Recent reports indicate that they are focusing on espionage against critical infrastructure in the defense and energy sectors. Analysis of their malware reveals a new version that is still in development, suggesting ongoing operational capabilities.",
"meta": {
"refs": [
"https://securelist.com/awaken-likho-apt-new-implant-campaign/114101/",
"https://bi.zone/eng/expertise/blog/core-werewolf-protiv-opk-i-kriticheskoy-infrastruktury/"
],
"synonyms": [
"Core Werewolf"
]
},
"uuid": "b3a4c34f-0ad6-4083-938a-958deb34b6c7",
"value": "Awaken Likho"
} }
], ],
"version": 316 "version": 316