From 365bbbe24a910246ffd956f05a845a4fedce3115 Mon Sep 17 00:00:00 2001
From: Mathieu4141 <mathieu@feedly.com>
Date: Wed, 20 Dec 2023 03:40:25 -0800
Subject: [PATCH] [threat-actors] Add Solntsepek

---
 clusters/threat-actor.json | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 97cc4f2..b021aa5 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -13849,6 +13849,18 @@
       },
       "uuid": "c9ffcc82-f7ac-46ce-9ea2-91e51d14e11b",
       "value": "Storm-1283"
+    },
+    {
+      "description": "Solntsepek is a threat actor group with ties to the Russian military unit GRU. They have claimed responsibility for a cyberattack on Kyivstar, a Ukrainian mobile operator, and have been linked to previous attacks on Ukrainian infrastructure. Solntsepek has been associated with the Sandworm hacking group, known for their destructive cyberattacks, including the NotPetya worm. They have also engaged in hostile activities, such as revealing personal details of Ukrainian soldiers.",
+      "meta": {
+        "country": "RU",
+        "refs": [
+          "https://kyivindependent.com/sbu-russian-hacker-group-reponsible-for-kyiv-star-cyberattack/",
+          "https://dev.ua/ru/news/atakovali-suspilne-provaiderov-i-minrazvitiya-obschin-kto-stoit-za-rossiiskoi-gruppirovkoi-solntsepek-kotoraya-aktivizirovala-napadeniya-na-ukrainskie-struktury"
+        ]
+      },
+      "uuid": "0b792fbe-87c2-42c5-8d0d-97c7d47078b5",
+      "value": "Solntsepek"
     }
   ],
   "version": 296