mirror of https://github.com/MISP/misp-galaxy
[threat-actors] Add UAC-0118
parent
cf7cdcbc2b
commit
228bbcc21d
|
@ -13728,6 +13728,22 @@
|
|||
},
|
||||
"uuid": "e883458d-496f-4a94-b916-4b7b83e3d525",
|
||||
"value": "DEV-0569"
|
||||
},
|
||||
{
|
||||
"description": "From Russia with Love, is a threat actor group that emerged during the Russia-Ukraine war in 2022. They primarily engage in DDoS attacks and have targeted critical infrastructure, media, energy, and government entities. FRwL has been linked to the use of the Somnia ransomware, which they employ as a wiper rather than for financial gain. While there is no direct evidence linking FRwL to the Russian Main Intelligence Directorate, it is possible that they coordinate activities with state-aligned hacktivist groups.",
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://socprime.com/blog/somnia-malware-detection-uac-0118-aka-frwl-launches-cyber-attacks-against-organizations-in-ukraine-using-enhanced-malware-strains/",
|
||||
"https://spixnet.at/cybersecurity-blog/2022/11/15/russian-hacktivists-hit-ukrainian-orgs-with-ransomware-but-no-ransom-demands/",
|
||||
"https://outpost24.com/blog/ics-attack-classifications/"
|
||||
],
|
||||
"synonyms": [
|
||||
"FRwL",
|
||||
"FromRussiaWithLove"
|
||||
]
|
||||
},
|
||||
"uuid": "d869486a-ec70-4a74-897e-31aa7b3df48d",
|
||||
"value": "UAC-0118"
|
||||
}
|
||||
],
|
||||
"version": 295
|
||||
|
|
Loading…
Reference in New Issue