From 1988662ee5d3a142ac186ccfe7ab657b9963c11e Mon Sep 17 00:00:00 2001
From: Thomas Dupuy
Date: Fri, 9 Aug 2019 10:24:06 -0400
Subject: [PATCH] add APT41
---
 clusters/threat-actor.json | 46 +++++++++++++++++++++++++++++++++++++-
 1 file changed, 45 insertions(+), 1 deletion(-)
diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 2a2fea4..646d309 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -7637,7 +7637,51 @@
 },
 "uuid": "5533d062-18ab-4c70-9472-0eac03f95a1d",
 "value": "TA428"
+ },
+ {
+ "description": "APT41 is a prolific cyber threat group that carries out Chinese state-sponsored espionage activity in addition to financially motivated activity potentially outside of state control.",
+ "meta": {
+ "cfr-suspected-state-sponsor": "People's Republic of China",
+ "cfr-suspected-victims": [
+ "France",
+ "India",
+ "Italy",
+ "Japan",
+ "Myanmar",
+ "Netherlands",
+ "Singapore",
+ "South Korea",
+ "South Africa",
+ "Switzerland",
+ "Thailand",
+ "Turkey",
+ "United Kingdom",
+ "United States"
+ ],
+ "cfr-target-category": [
+ "Healthcare",
+ "High-tech",
+ "Media",
+ "Pharmaceuticals",
+ "Retail",
+ "Software companies",
+ "Telecoms",
+ "Travel services",
+ "Education",
+ "Video games",
+ "Virtual currencies"
+ ],
+ "country": "CN",
+ "refs": [
+ "https://www.fireeye.com/blog/threat-research/2019/08/apt41-dual-espionage-and-cyber-crime-operation.html"
+ ],
+ "synonyms": [
+ ""
+ ]
+ },
+ "uuid": "9c124874-042d-48cd-b72b-ccdc51ecbbd6",
+ "value": "APT41"
 }
 ],
- "version": 125
+ "version": 126
 }
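Review bot: The new APT41 object ends its `meta` with `"synonyms": [ "" ]`, which gives the cluster a single empty-string alias instead of no alias. Tooling that correlates or tags on synonym values may index that empty string as a name for APT41, so attribution lookups and deduplication against the other actors in this file could behave unexpectedly; whether any consumer does this is not visible from the hunk. If no aliases are known, drop the key so that `refs` is the last member of `meta` (the closing `]` of `refs` then loses its trailing comma), otherwise list the aliases named in the cited report. Separately, `"South Korea"` precedes `"South Africa"` and `"Education"` follows `"Travel services"`, so both arrays break the alphabetical order the rest of their entries follow.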