From 1be9a10ef9e5cec2853cbfc51e07e012160e504c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=BCrgen=20L=C3=B6hel?= <juergen.loehel@inlyse.com>
Date: Tue, 17 May 2022 14:47:29 -0500
Subject: [PATCH] chg: [cryptominers] Adds Krane
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
---
 clusters/cryptominers.json | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/clusters/cryptominers.json b/clusters/cryptominers.json
index b23ae9d..91a3bcf 100644
--- a/clusters/cryptominers.json
+++ b/clusters/cryptominers.json
@@ -52,7 +52,17 @@
       },
       "uuid": "3dd091c9-608f-44d6-ac0c-5dfdf9bb4518",
       "value": "Blue Mockingbird Cryptominer"
+    },
+    {
+      "description": "The Krane malware uses SSH brute-force techniques to drop the XMRig cryptominer on the target to mine for the Hashvault pool.",
+      "meta": {
+        "refs": [
+          "https://cujo.com/threat-alert-krane-malware/"
+        ]
+      },
+      "uuid": "a0c0ab05-c390-425c-9311-f64bf7ca9145",
+      "value": "Krane"
     }
   ],
-  "version": 1
+  "version": 2
 }