[threat-actors] Add Storm-0324

This commit is contained in:
Mathieu Beligon 2023-09-15 16:29:45 +02:00
parent f80bcdd97f
commit e2fd005821

View file

@ -11646,7 +11646,32 @@
},
"uuid": "01ac8b25-492e-444b-891b-968f2694e7b2",
"value": "MoustachedBouncer"
},
{
"description": "The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently lead to ransomware deployment.",
"meta": {
"references": [
"https://www.microsoft.com/en-us/security/blog/2023/09/12/malware-distributor-storm-0324-facilitates-ransomware-access/",
"https://www.proofpoint.com/us/blog/threat-insight/jssloader-recoded-and-reloaded"
],
"synonyms": [
"DEV-0324",
"Sagrid",
"TA543"
]
},
"related": [
{
"dest-uuid": "5db89188-568d-40d2-9320-5fb4a06fbd51",
"tags": [
"estimative-language:likelihood-probability=\"likely\""
],
"type": "uses"
}
],
"version": 281
"uuid": "8cb6f57b-9ebb-45a6-a89f-9efdb8065d70",
"value": "Storm-0324"
}
],
"version": 282
}