updated FIN4

This commit is contained in:
Rony 2019-05-01 15:24:59 +05:30 committed by GitHub
parent 94466d8196
commit ed351b4eae
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -2619,15 +2619,22 @@
"value": "Berserk Bear" "value": "Berserk Bear"
}, },
{ {
"description": "FIN4 is a financially-motivated threat group that has targeted confidential information related to the public financial market, particularly regarding healthcare and pharmaceutical companies, since at least 2013. FIN4 is unique in that they do not infect victims with typical persistent malware, but rather they focus on capturing credentials authorized to access email and other non-public correspondence.",
"meta": { "meta": {
"attribution-confidence": "50", "attribution-confidence": "50",
"country": "RO", "country": "RO",
"refs": [
"https://www.reuters.com/article/2015/06/23/us-hackers-insidertrading-idUSKBN0P31M720150623",
"https://www.fireeye.com/blog/threat-research/2014/11/fin4_stealing_insid.html",
"https://www2.fireeye.com/rs/fireye/images/rpt-fin4.pdf",
"https://pwc.blogs.com/cyber_security_updates/2015/06/unfin4ished-business.html"
],
"synonyms": [ "synonyms": [
"FIN4" "Wolf Spider"
] ]
}, },
"uuid": "ff449346-aa9f-45f6-b482-71e886a5cf57", "uuid": "ff449346-aa9f-45f6-b482-71e886a5cf57",
"value": "Wolf Spider" "value": "FIN4"
}, },
{ {
"description": "First observed activity in December 2013.", "description": "First observed activity in December 2013.",