diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index ba3f8d3..8ad97eb 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -12956,6 +12956,16 @@
       },
       "uuid": "3689f0e2-6c39-4864-ae0b-cc03e4cb695a",
       "value": "Zarya"
+    },
+    {
+      "description": "DarkCasino is an economically motivated APT group that targets online trading platforms, including cryptocurrencies, online casinos, network banks, and online credit platforms. They are skilled at stealing passwords to access victims' online accounts and have been active for over a year. DarkCasino exploits vulnerabilities, such as the WinRAR vulnerability CVE-2023-38831, to launch phishing attacks and steal online property.",
+      "meta": {
+        "refs": [
+          "https://nsfocusglobal.com/the-new-apt-group-darkcasino-and-the-global-surge-in-winrar-0-day-exploits/"
+        ]
+      },
+      "uuid": "b9128c29-8941-48a8-a5be-8076dde03a08",
+      "value": "DarkCasino"
     }
   ],
   "version": 293