misp-circl-feed/feeds/circl/misp/5b276228-9270-42f9-9ecd-4a81950d210f.json

215 lines
6.7 KiB
JSON
Raw Permalink Normal View History

2023-04-21 13:25:09 +00:00
{
2023-12-14 14:30:15 +00:00
"Event": {
"analysis": "2",
"date": "2018-06-15",
"extends_uuid": "",
"info": "Clipboard Hijacker Targeting Bitcoin & Ethereum Users Infects Over 300,0000 PCs",
"publish_timestamp": "1540717301",
"published": true,
"threat_level_id": "3",
"timestamp": "1540557811",
"uuid": "5b276228-9270-42f9-9ecd-4a81950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
2024-04-05 12:15:17 +00:00
"local": false,
2023-12-14 14:30:15 +00:00
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#3a7300",
2024-04-05 12:15:17 +00:00
"local": false,
2023-12-14 14:30:15 +00:00
"name": "circl:incident-classification=\"malware\"",
"relationship_type": ""
},
{
"colour": "#00223b",
2024-04-05 12:15:17 +00:00
"local": false,
2023-12-14 14:30:15 +00:00
"name": "osint:source-type=\"blog-post\"",
"relationship_type": ""
},
{
"colour": "#0088cc",
2024-04-05 12:15:17 +00:00
"local": false,
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:tool=\"ClipboardWalletHijacker\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1529308093",
"to_ids": false,
"type": "link",
"uuid": "5b27626a-0b5c-499f-b32c-49fa950d210f",
"value": "https://www.bleepingcomputer.com/news/security/clipboard-hijacker-targeting-bitcoin-and-ethereum-users-infects-over-300-0000-pcs/",
"Tag": [
{
"colour": "#00223b",
2024-04-05 12:15:17 +00:00
"local": false,
2023-12-14 14:30:15 +00:00
"name": "osint:source-type=\"blog-post\"",
"relationship_type": ""
}
]
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1529308069",
"to_ids": false,
"type": "text",
"uuid": "5b276289-7e74-4cd5-b56c-46f1950d210f",
"value": "A malware campaign spreading a clipboard hijacker has infected over 300,000 computers, according to Chinese security firm Qihoo 360 Total Security.\r\n\r\nThe campaign has been raging for the past week and has spread a malware which Qihoo researchers have named ClipboardWalletHijacker.",
"Tag": [
{
"colour": "#00223b",
2024-04-05 12:15:17 +00:00
"local": false,
2023-12-14 14:30:15 +00:00
"name": "osint:source-type=\"blog-post\"",
"relationship_type": ""
}
]
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1529308085",
"to_ids": false,
"type": "link",
"uuid": "5b2763ad-40a8-46e2-8bb1-41de950d210f",
"value": "https://blog.360totalsecurity.com/en/new-cryptominer-hijacks-your-bitcoin-transaction-over-300000-computers-have-been-attacked/",
"Tag": [
{
"colour": "#00223b",
2024-04-05 12:15:17 +00:00
"local": false,
2023-12-14 14:30:15 +00:00
"name": "osint:source-type=\"blog-post\"",
"relationship_type": ""
}
]
}
],
"Object": [
{
"comment": "",
"deleted": false,
"description": "An address used in a cryptocurrency",
"meta-category": "financial",
"name": "coin-address",
"template_uuid": "d0e6997e-78da-4815-a6a1-cfc1c1cb8a46",
"template_version": "2",
"timestamp": "1529308177",
"uuid": "5b276411-7dc4-47d6-a36f-4f00950d210f",
"Attribute": [
{
"category": "Financial fraud",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "address",
"timestamp": "1529308177",
"to_ids": true,
"type": "btc",
"uuid": "5b276411-8e78-4250-9cf9-4eac950d210f",
"value": "1FoSfmjZJFqFSsD2cGXuccM9QMMa28Wrn1"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "symbol",
"timestamp": "1529308178",
"to_ids": false,
"type": "text",
"uuid": "5b276412-dc58-4d1f-9245-4b23950d210f",
"value": "BTC"
}
]
},
{
"comment": "",
"deleted": false,
"description": "An address used in a cryptocurrency",
"meta-category": "financial",
"name": "coin-address",
"template_uuid": "d0e6997e-78da-4815-a6a1-cfc1c1cb8a46",
"template_version": "2",
"timestamp": "1529308195",
"uuid": "5b276423-15a8-4e24-b174-438e950d210f",
"Attribute": [
{
"category": "Financial fraud",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "address",
"timestamp": "1529308195",
"to_ids": true,
"type": "btc",
"uuid": "5b276423-890c-4166-8773-44f7950d210f",
"value": "19gdjoWaE8i9XPbWoDbixev99MvvXUSNZL"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "symbol",
"timestamp": "1529308196",
"to_ids": false,
"type": "text",
"uuid": "5b276424-4524-40c1-bf1e-4981950d210f",
"value": "BTC"
}
]
},
{
"comment": "",
"deleted": false,
"description": "An address used in a cryptocurrency",
"meta-category": "financial",
"name": "coin-address",
"template_uuid": "d0e6997e-78da-4815-a6a1-cfc1c1cb8a46",
"template_version": "2",
"timestamp": "1529308212",
"uuid": "5b276434-a5e4-4b4e-b566-439f950d210f",
"Attribute": [
{
"category": "Financial fraud",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "address",
"timestamp": "1529308212",
"to_ids": true,
"type": "btc",
"uuid": "5b276434-6aa4-48ba-a645-46ad950d210f",
"value": "0x004D3416DA40338fAf9E772388A93fAF5059bFd5"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "symbol",
"timestamp": "1529308213",
"to_ids": false,
"type": "text",
"uuid": "5b276435-acbc-483c-bce3-4845950d210f",
"value": "ETH"
}
]
}
2023-04-21 13:25:09 +00:00
]
2023-12-14 14:30:15 +00:00
}
2023-04-21 13:25:09 +00:00
}