From 1d0aba851d4d0ac9bfda9f5c7b93cf08bb31ac0e Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Sun, 10 Jul 2016 12:14:54 +0200 Subject: [PATCH] Chinastrats added --- elements/adversary-groups.json | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/elements/adversary-groups.json b/elements/adversary-groups.json index a3e060a..23217e7 100644 --- a/elements/adversary-groups.json +++ b/elements/adversary-groups.json @@ -86,7 +86,8 @@ "Nitro", "Stealth Falcon", "Pacifier APT", - "HummingBad" + "HummingBad", + "Dropping Elephant" ], "details": [ { @@ -840,10 +841,21 @@ { "country": "CN", "group": "HummingBad", - "description": " This group created a malware that takes over Android devices and generates $300,000 per month in fraudulent ad revenue. The group effectively controls an arsenal of over 85 million mobile devices around the world. With the potential to sell access to these devices to the highest bidder", + "description": "This group created a malware that takes over Android devices and generates $300,000 per month in fraudulent ad revenue. The group effectively controls an arsenal of over 85 million mobile devices around the world. With the potential to sell access to these devices to the highest bidder", "refs": [ "http://blog.checkpoint.com/wp-content/uploads/2016/07/HummingBad-Research-report_FINAL-62916.pdf" ] - } + }, + { + "group": "Dropping Elephant", + "description": "Dropping Elephant (also known as “Chinastrats” and “Patchwork“) is a relatively new threat actor that is targeting a variety of high profile diplomatic and economic targets using a custom set of attack tools. Its victims are all involved with China’s foreign relations in some way, and are generally caught through spear-phishing or watering hole attacks.", + "refs": [ + "https://securelist.com/blog/research/75328/the-dropping-elephant-actor/" + ], + "synonyms": [ + "Chinastrats", + "Patchwork" + ] + } ] }