mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-26 16:57:18 +00:00
[threat-actors] Add GREF
This commit is contained in:
parent
c8e8a14b04
commit
f0229fbdd2
1 changed files with 11 additions and 0 deletions
|
@ -13893,6 +13893,17 @@
|
||||||
},
|
},
|
||||||
"uuid": "94ce7925-1a37-4b02-a25b-b87a389c92b3",
|
"uuid": "94ce7925-1a37-4b02-a25b-b87a389c92b3",
|
||||||
"value": "GambleForce"
|
"value": "GambleForce"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "GREF is a China-aligned APT group that has been active since at least March 2017. They are known for using custom backdoors, loaders, and ancillary tools in their targeted attacks. Recently, they have been attributed to two active Android campaigns that distribute the BadBazaar malware through malicious apps on official and alternative app stores. GREF has targeted Android users, particularly Uyghurs and other Turkic ethnic minorities outside of China, using trojanized versions of popular messaging apps like Signal and Telegram.",
|
||||||
|
"meta": {
|
||||||
|
"country": "CN",
|
||||||
|
"refs": [
|
||||||
|
"https://www.welivesecurity.com/en/eset-research/badbazaar-espionage-tool-targets-android-users-trojanized-signal-telegram-apps/"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "e6d16c22-0780-483c-9920-c1d9f27b10c8",
|
||||||
|
"value": "GREF"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 296
|
"version": 296
|
||||||
|
|
Loading…
Reference in a new issue