mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-30 02:37:17 +00:00
[threat-actors] Add UNC2447
This commit is contained in:
parent
668fb80aec
commit
ebd216e315
1 changed files with 13 additions and 0 deletions
|
@ -13682,6 +13682,19 @@
|
||||||
},
|
},
|
||||||
"uuid": "21bb2dab-4125-4ae8-8966-c7381659e180",
|
"uuid": "21bb2dab-4125-4ae8-8966-c7381659e180",
|
||||||
"value": "WIP19"
|
"value": "WIP19"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "UNC2447 is a financially motivated threat actor with ties to multiple hacker groups. They have been observed deploying ransomware, including FiveHands and Hello Kitty, and engaging in double extortion tactics. They have been active since at least May 2020 and target organizations in Europe and North America.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.esentire.com/blog/hacker-infrastructure-used-in-cisco-breach-discovered-attacking-a-top-workforce-management-corporation-russias-evil-corp-gang-suspected-reports-esentire",
|
||||||
|
"https://blog.talosintelligence.com/2022/08/recent-cyber-attack.html",
|
||||||
|
"http://internal-www.fireeye.com/blog/threat-research/2021/04/unc2447-sombrat-and-fivehands-ransomware-sophisticated-financial-threat.html",
|
||||||
|
"https://www.rewterz.com/rewterz-news/rewterz-threat-alert-financially-motivated-aggressive-group-carrying-out-ransomware-campaigns-active-iocs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "590ecec6-4047-4d0f-9143-2e367700423d",
|
||||||
|
"value": "UNC2447"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 295
|
"version": 295
|
||||||
|
|
Loading…
Reference in a new issue