From 31562e470112a97c5eb2523af5db1502f6f700c8 Mon Sep 17 00:00:00 2001
From: Mathieu Beligon
Date: Wed, 29 Nov 2023 11:28:37 -0800
Subject: [PATCH] [threat-actors] Add WildPressure
---
 clusters/threat-actor.json | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index ee8df94..49b4085 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -13589,6 +13589,19 @@
 },
 "uuid": "dc8a7137-f56e-41db-a500-920e69fa29f5",
 "value": "WildCard"
+ },
+ {
+ "description": "WildPressure is a threat actor that targets industrial-related entities in the Middle East. They use a variety of programming languages, including C++, VBScript, and Python, to develop their malware. They have been observed using virtual private servers and compromised servers, particularly WordPress websites, in their infrastructure. While there are some minor similarities with other threat actors in the region, there is not enough evidence to make any attribution.",
+ "meta": {
+ "refs": [
+ "https://www.redpacketsecurity.com/it-threat-evolution-q3-2021/",
+ "https://securelist.com/wildpressure-targets-macos/103072/",
+ "https://www.redpacketsecurity.com/wildpressure-targets-industrial-related-entities-in-the-middle-east/",
+ "https://securelist.com/wildpressure-targets-industrial-in-the-middle-east/96360/"
+ ]
+ },
+ "uuid": "89f5a5cb-514f-46db-8959-6bb9aa991e9f",
+ "value": "WildPressure"
 }
 ],
 "version": 295
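Review bot: The trailing context line still reads `"version": 295`, so this commit adds a cluster entry without incrementing the cluster version. If downstream importers decide whether to refresh the cluster by comparing that field, the new WildPressure entry may not reach them until a later bump; consider `"version": 296` here unless the project batches version bumps in a separate commit. Two of the four `refs` point to redpacketsecurity.com pages whose slugs mirror Securelist article titles and appear to be re-posts. Listing the primary source for each report keeps provenance unambiguous and reduces link rot. The `meta` object carries only `refs`, so the targeting facts stated in the description (industrial entities, Middle East) are not machine-queryable; if the cluster schema offers structured victim or sector fields, populate them.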