mirror of https://github.com/MISP/misp-galaxy
More groups from RU
parent
6e62b0ab46
commit
088d105f5d
|
@ -1,7 +1,7 @@
|
||||||
{
|
{
|
||||||
"version" : 1,
|
"version" : 1,
|
||||||
"description": "Known or estimated adversary groups targeting organizations and employees",
|
"description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups can be confused with their initial operation or campaign.",
|
||||||
"author": "Various",
|
"authors": ["Alexandre Dulaunoy", "Florian Roth", "Various"],
|
||||||
"type": "APT Groups",
|
"type": "APT Groups",
|
||||||
"groups" : ["Comment Crew","Sofacy"],
|
"groups" : ["Comment Crew","Sofacy"],
|
||||||
"details" : [
|
"details" : [
|
||||||
|
@ -18,6 +18,46 @@
|
||||||
"refs": ["https://en.wikipedia.org/wiki/Sofacy_Group"],
|
"refs": ["https://en.wikipedia.org/wiki/Sofacy_Group"],
|
||||||
"country": "RU",
|
"country": "RU",
|
||||||
"synonyms": ["APT 28", "APT28", "Pawn Storm", "Fancy Bear", "Sednit"]
|
"synonyms": ["APT 28", "APT28", "Pawn Storm", "Fancy Bear", "Sednit"]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"group": "APT 29",
|
||||||
|
"refs": ["https://labsblog.f-secure.com/2015/09/17/the-dukes-7-years-of-russian-cyber-espionage/"],
|
||||||
|
"country": "RU",
|
||||||
|
"synonyms": ["Dukes", "Group 100", "Cozy Duke", "EuroAPT", "CozyBear", "CozyCar", "Cozer", "Office Monkeys"]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"group": "Turla Group",
|
||||||
|
"country": "RU",
|
||||||
|
"synonyms": ["Turla", "Snake", "Venomous Bear", "Group 88"]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"group": "Energetic Bear",
|
||||||
|
"country": "RU",
|
||||||
|
"synonyms": ["Dragonfly", "Crouching Yeti", "Group 24"]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"group": "Sandworm",
|
||||||
|
"refs": ["http://www.isightpartners.com/2014/10/cve-2014-4114/"],
|
||||||
|
"country": "RU",
|
||||||
|
"synonyms": ["Sandworm Team"]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"group": "Anunak",
|
||||||
|
"description": "Groups targeting financial organizations or people with significant financial assets.",
|
||||||
|
"country": "RU",
|
||||||
|
"synonyms": ["Carbanak"]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"group": "TeamSpy Crew",
|
||||||
|
"refs": ["https://securelist.com/blog/incidents/35520/the-teamspy-crew-attacks-abusing-teamviewer-for-cyberespionage-8/"],
|
||||||
|
"country": "RU",
|
||||||
|
"synonyms": ["TeamSpy"]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"group": "BuhTrap",
|
||||||
|
"refs": ["http://www.welivesecurity.com/2015/11/11/operathion-buhtrap-malware-distributed-via-ammyy-com/"],
|
||||||
|
"country": "RU",
|
||||||
|
"synonyms": [""]
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue