From ff9a8ddfe35ece880d286cbd2385f7648450862c Mon Sep 17 00:00:00 2001 From: Mathieu Beligon Date: Tue, 7 Nov 2023 14:47:11 +0100 Subject: [PATCH] [threat-actors] Add BadRory --- clusters/threat-actor.json | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index fca33c9..6498302 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -12501,6 +12501,16 @@ }, "uuid": "0e9bbcf1-9273-4438-b437-287317bfb989", "value": "TA499" + }, + { + "description": "Kaspersky researchers have identified a new APT group named BadRory that has mounted two waves of spear-phishing attacks against Russian organizations. The campaigns took place in October 2022 and April 2023 and leveraged boobytrapped Office emails. Targets included government entities, military contractors, universities, and hospitals.", + "meta": { + "refs": [ + "https://securelist.com/apt-trends-report-q3-2023/110752/" + ] + }, + "uuid": "aa74d1f3-b294-405b-bb18-3ac1c13560a1", + "value": "BadRory" } ], "version": 292