mirror of https://github.com/MISP/misp-galaxy
More groups
parent
3ad029ca0b
commit
26a8477fd1
|
|
@ -3,7 +3,7 @@
|
|||
"description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
|
||||
"authors": ["Alexandre Dulaunoy", "Florian Roth", "Various"],
|
||||
"type": "Adversary Groups",
|
||||
"groups" : ["Comment Crew","Putter Panda","Sofacy","APT 29","Turla Group","Energetic Bear","Sandworm","Anunak","TeamSpy Crew","BuhTrap","Putter Panda","UPS","IXESHE","APT 16","Aurora Panda","Wekby","Axiom","Shell Crew","Naikon","Lotus Blossom","Hurricane Panda","Emissary Panda","Stone Panda","Nightshade Panda","Hellsing","Night Dragon","Mirage","Anchor Panda","NetTraveler","Ice Fog","HiddenLynx","Beijing Group","Pirate Panda","Radio Panda","Dagger Panda","Samurai Panda","Impersonating Panda","Violin Panda","Toxic Panda","Temper Panda","Flying Kitten","Pirate Panda","Viking Jackal","Cutting Kitten","Rebel Jackal","Stalker Panda","Berserk Bear","Dizzy Panda","Predator Panda","Pitty Panda","Wet Panda","Union Panda"],
|
||||
"groups" : ["Comment Crew","Putter Panda","Sofacy","APT 29","Turla Group","Energetic Bear","Sandworm","Anunak","TeamSpy Crew","BuhTrap","Putter Panda","UPS","IXESHE","APT 16","Aurora Panda","Wekby","Axiom","Shell Crew","Naikon","Lotus Blossom","Hurricane Panda","Emissary Panda","Stone Panda","Nightshade Panda","Hellsing","Night Dragon","Mirage","Anchor Panda","NetTraveler","Ice Fog","HiddenLynx","Beijing Group","Pirate Panda","Radio Panda","Dagger Panda","Samurai Panda","Impersonating Panda","Violin Panda","Toxic Panda","Temper Panda","Flying Kitten","Viking Jackal","Cutting Kitten","Rebel Jackal","Stalker Panda","Berserk Bear","Dizzy Panda","Predator Panda","Pitty Panda","Wet Panda","Union Panda","Wolf Spider","Boulder Bear","Lotus Panda","Shark Spider","Silent Chollima","Viceroy Tiger","Pizzo Spider","Corsair Jackal"],
|
||||
"details" : [
|
||||
{
|
||||
"group": "Comment Crew",
|
||||
|
|
@ -29,6 +29,10 @@
|
|||
"country": "CN"
|
||||
},
|
||||
{
|
||||
"group": "Eloquent Panda",
|
||||
"country": "CN"
|
||||
},
|
||||
{
|
||||
"group": "Dizzy Panda",
|
||||
"synonyms": ["LadyBoyle"]
|
||||
},
|
||||
|
|
@ -36,7 +40,7 @@
|
|||
"group": "Putter Panda",
|
||||
"refs": ["http://cdn0.vox-cdn.com/assets/4589853/crowdstrike-intelligence-report-putter-panda.original.pdf"],
|
||||
"country": "CN",
|
||||
"synonyms": ["PLA Unit 61486", "APT 2", "Group 36"]
|
||||
"synonyms": ["PLA Unit 61486", "APT 2", "Group 36","APT-2","MSUpdater","4HCrew","SULPHUR"]
|
||||
},
|
||||
{
|
||||
"group": "UPS",
|
||||
|
|
@ -92,6 +96,11 @@
|
|||
"synonyms": ["Spring Dragon","ST Group"]
|
||||
},
|
||||
{
|
||||
"group": "Lotus Panda",
|
||||
"country": "CN",
|
||||
"synonyms": ["Elise"]
|
||||
},
|
||||
{
|
||||
"group": "Hurricane Panda",
|
||||
"refs": ["http://www.crowdstrike.com/blog/cyber-deterrence-in-action-a-story-of-one-long-hurricane-panda-campaign/"],
|
||||
"country": "CN"
|
||||
|
|
@ -100,7 +109,7 @@
|
|||
"group": "Emissary Panda",
|
||||
"refs": ["http://www.secureworks.com/cyber-threat-intelligence/threats/threat-group-3390-targets-organizations-for-cyberespionage/"],
|
||||
"country": "CN",
|
||||
"synonyms": ["TG-3390","APT 27","TEMP.Hippo","Group 35"]
|
||||
"synonyms": ["TG-3390","APT 27","TEMP.Hippo","Group 35","HIPPOTeam","APT27"]
|
||||
},
|
||||
{
|
||||
"group": "Stone Panda",
|
||||
|
|
@ -133,6 +142,7 @@
|
|||
{
|
||||
"group": "Anchor Panda",
|
||||
"refs": ["http://www.crowdstrike.com/blog/whois-anchor-panda/"],
|
||||
"synonyms": ["APT14","APT 14","QAZTeam","ALUMINUM"],
|
||||
"country": "CN"
|
||||
},
|
||||
{
|
||||
|
|
@ -161,10 +171,6 @@
|
|||
"country": "CN"
|
||||
},
|
||||
{
|
||||
"group": "Pirate Panda",
|
||||
"country": "CN"
|
||||
},
|
||||
{
|
||||
"group": "Radio Panda",
|
||||
"country": "CN"
|
||||
},
|
||||
|
|
@ -184,6 +190,7 @@
|
|||
},
|
||||
{
|
||||
"group": "Violin Panda",
|
||||
"synonyms": ["APT20","APT 20","TH3Bug"],
|
||||
"country": "CN"
|
||||
},
|
||||
{
|
||||
|
|
@ -194,7 +201,7 @@
|
|||
"group": "Temper Panda",
|
||||
"refs": ["https://www.fireeye.com/blog/threat-research/2013/10/know-your-enemy-tracking-a-rapidly-evolving-apt-actor.html"],
|
||||
"country": "CN",
|
||||
"synonyms": ["Admin338","Team338"]
|
||||
"synonyms": ["Admin338","Team338","MAGNESIUM","admin@338"]
|
||||
},
|
||||
{
|
||||
"group": "Pirate Panda",
|
||||
|
|
@ -271,6 +278,38 @@
|
|||
{
|
||||
"group": "Berserk Bear",
|
||||
"country": "RU"
|
||||
},
|
||||
{
|
||||
"group": "Wolf Spider",
|
||||
"country": "RO"
|
||||
},
|
||||
{
|
||||
"group": "Boulder Bear",
|
||||
"country": "RU"
|
||||
},
|
||||
{
|
||||
"group": "Shark Spider",
|
||||
"country": "RU"
|
||||
},
|
||||
{
|
||||
"group": "Silent Chollima",
|
||||
"synonyms": ["OperationTroy"],
|
||||
"country": "KP"
|
||||
},
|
||||
{
|
||||
"group": "Viceroy Tiger",
|
||||
"country": "IN",
|
||||
"synonyms": ["Appin","OperationHangover"]
|
||||
},
|
||||
{
|
||||
"group": "Pizzo Spider",
|
||||
"country": "US",
|
||||
"synonyms": ["DD4BC","Ambiorx"]
|
||||
},
|
||||
{
|
||||
"group": "Corsair Jackal",
|
||||
"country": "TN",
|
||||
"synonyms": ["TunisianCyberArmy"]
|
||||
}
|
||||
]
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue