MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

[threat-actors] Add Bignosa

pull/960/head
Mathieu4141 2024-04-17 10:09:08 -07:00
parent bb09f64e8b
commit 2cf8b058bb
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
clusters/threat-actor.json
View File

@ -15560,6 +15560,17 @@
},
"uuid": "21ad5aad-0a55-457d-b94d-3b4565e82e0a",
"value": "CyberNiggers"
},
{
"description": "Bignosa is a threat actor known for launching malware campaigns targeting Australian and US organizations using phishing emails with disguised Agent Tesla attachments protected by Cassandra Protector. They compromised servers by installing Plesk and RoundCube, connected via SSH and RDP, and used advanced obfuscation methods to evade detection. Bignosa collaborated with another cybercriminal named Gods, who provided advice and assistance in their malicious activities. The actor has been linked to multiple phishing attacks and malware distribution campaigns, showcasing a high level of sophistication in their operations.",
"meta": {
"country": "KE",
"refs": [
"https://research.checkpoint.com/2024/agent-tesla-targeting-united-states-and-australia/"
]
},
"uuid": "07232925-bd1b-49a9-adca-46536ff6fdd8",
"value": "Bignosa"
}
],
"version": 305