diff --git a/clusters/backdoor.json b/clusters/backdoor.json
index c52e142..3564edb 100644
--- a/clusters/backdoor.json
+++ b/clusters/backdoor.json
@@ -193,7 +193,19 @@
 },
 "uuid": "0c3b1aa5-3a33-493e-9126-28ebced4ed09",
 "value": "BPFDoor"
+ },
+ {
+ "description": "According to Mandiant, this malware family is attributed to potential chinese background and its Linux variant is related to exploitation of Fortinet's SSL-VPN (CVE-2022-42475).",
+ "meta": {
+ "refs": [
+ "https://malpedia.caad.fkie.fraunhofer.de/details/win.boldmove",
+ "https://malpedia.caad.fkie.fraunhofer.de/details/elf.boldmove",
+ "https://www.mandiant.com/resources/blog/chinese-actors-exploit-fortios-flaw"
+ ]
+ },
+ "uuid": "2cef78bd-f097-4477-8888-79359042b515",
+ "value": "BOLDMOVE"
 }
 ],
- "version": 13
+ "version": 14
 }
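Review bot: The new BOLDMOVE `description` gives an attribution and a CVE link but never says what the malware does, so an analyst matching on this cluster learns the suspected origin without the behaviour to look for. A one-sentence summary of the family's functionality, taken from the Mandiant post already listed in `refs`, would fix that. The attribution wording is also loose: "potential chinese background" is uncapitalised and does not name who is being attributed, and it should carry whatever confidence level the referenced report actually states. A possible first clause is `"According to Mandiant, this malware family is attributed to an actor with a suspected Chinese background; its Linux variant is related to exploitation of Fortinet's SSL-VPN (CVE-2022-42475)."`. The `refs` list both `win.boldmove` and `elf.boldmove`, so the text should also make clear that a Windows variant exists and that the CVE link is stated only for the Linux one.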