From edc51963736a66bba3892dd477de9de0fb65bdbe Mon Sep 17 00:00:00 2001 From: Thomas Dupuy Date: Thu, 23 Jan 2020 11:27:00 -0500 Subject: [PATCH] Add Attor and DePriMon --- clusters/threat-actor.json | 32 +++++++++++++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index 0f354e6..828b3bb 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -7886,7 +7886,37 @@ }, "uuid": "2eb0dc7a-cef6-4744-92ac-2fe269dacb95", "value": "Budminer" + }, + { + "description": "Adversary group targeting diplomatic missions and governmental organisations.", + "meta": { + "cfr-target-category": [ + "Private sector", + "Government" + ], + "cfr-type-of-incident": "Espionage", + "refs": [ + "https://www.welivesecurity.com/2019/10/10/eset-discovers-attor-spy-platform" + ] + }, + "uuid": "947a450a-df6c-4c2e-807b-0da8ecea1d26", + "value": "Attor" + }, + { + "description": "DePriMon is an unusually advanced downloader whose developers have put extra effort into setting up the architecture and crafting the critical components.", + "meta": { + "cfr-target-category": [ + "Private sector", + "Finance" + ], + "cfr-type-of-incident": "Espionage", + "refs": [ + "https://www.welivesecurity.com/2019/11/21/deprimon-default-print-monitor-malicious-downloader" + ] + }, + "uuid": "443faf38-ad93-4421-8a53-47ad84b195fa", + "value": "DePriMon" } ], - "version": 151 + "version": 152 }