From 33ff650327f3ff17d1c6081e90ca8648b0cad4e2 Mon Sep 17 00:00:00 2001 From: Mathieu Beligon Date: Fri, 10 Feb 2023 14:14:28 -0800 Subject: [PATCH] [threat-actors] Add more information about NoName057(16) --- clusters/threat-actor.json | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index d7a71f8..71a1731 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -9776,11 +9776,14 @@ "description": "NoName057(16) is performing DDoS attacks on websites belonging to governments, news agencies, armies, suppliers, telecommunications companies, transportation authorities, financial institutions, and more in Ukraine and neighboring countries supporting Ukraine, like Ukraine itself, Estonia, Lithuania, Norway, and Poland.", "meta": { "cfr-suspected-victims": [ - "Ukraine", + "Czech Republic", + "Denmark", "Estonia", "Lithuania", + "NATO", "Norway", - "Poland" + "Poland", + "Ukraine" ], "cfr-target-category": [ "Financial", @@ -9793,7 +9796,15 @@ "Denial of service" ], "refs": [ - "https://decoded.avast.io/martinchlumecky/bobik/" + "https://decoded.avast.io/martinchlumecky/bobik/", + "https://www.sentinelone.com/labs/noname05716-the-pro-russian-hacktivist-group-targeting-nato/", + "https://www.gov.pl/web/special-services/russian-cyberattacks" + ], + "synonyms": [ + "NoName057", + "NoName05716", + "05716nnm", + "Nnm05716" ] }, "uuid": "e62937d0-dec6-4c39-a836-e43b1d138df4", @@ -9994,5 +10005,5 @@ "value": "Malteiro" } ], - "version": 257 + "version": 258 }