TeleBots group added

This commit is contained in:
Alexandre Dulaunoy 2016-12-13 19:37:30 +01:00
parent 3a657ace36
commit ff17ac998e

View file

@ -797,6 +797,14 @@
}, },
"value": "Sandworm" "value": "Sandworm"
}, },
{
"meta": {
"country": "RU",
"refs": ["http://www.welivesecurity.com/2016/12/13/rise-telebots-analyzing-disruptive-killdisk-attacks/"]
},
"value": "TeleBots",
"description": "We will refer to the gang behind the malware as TeleBots. However its important to say that these attackers, and the toolset used, share a number of similarities with the BlackEnergy group, which conducted attacks against the energy industry in Ukraine in December 2015 and January 2016. In fact, we think that the BlackEnergy group has evolved into the TeleBots group."
},
{ {
"meta": { "meta": {
"synonyms": [ "synonyms": [
@ -1196,5 +1204,5 @@
], ],
"description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.", "description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
"uuid": "7cdff317-a673-4474-84ec-4f1754947823", "uuid": "7cdff317-a673-4474-84ec-4f1754947823",
"version": 3 "version": 4
} }