[threat-actors] Add Void Rabisu

pull/875/head
Mathieu Beligon 2023-10-16 18:14:47 +02:00
parent fe77114b84
commit 537ef08735
1 changed files with 34 additions and 0 deletions

View File

@ -11959,6 +11959,40 @@
],
"uuid": "32eebd31-5e0f-4fb9-b478-26ff4e48aaf4",
"value": "AtlasCross"
},
{
"description": "Void Rabisu is an intrusion set associated with both financially motivated ransomware attacks and targeted campaigns on Ukraine and countries supporting Ukraine.",
"meta": {
"cfr-suspected-victims": [
"Ukraine",
"European Union"
],
"references": [
"https://www.trendmicro.com/en_us/research/23/j/void-rabisu-targets-female-leaders-with-new-romcom-variant.html",
"https://www.trendmicro.com/en_za/research/23/e/void-rabisu-s-use-of-romcom-backdoor-shows-a-growing-shift-in-th.html"
],
"synonyms": [
"Tropical Scorpius"
]
},
"related": [
{
"dest-uuid": "6d9dfc5f-4ebf-404b-ab5e-e6497867fe65",
"tags": [
"estimative-language:likelihood-probability=\"likely\""
],
"type": "uses"
},
{
"dest-uuid": "5f1c11d3-c6ac-4368-a801-cced88a9d93b",
"tags": [
"estimative-language:likelihood-probability=\"likely\""
],
"type": "uses"
}
],
"uuid": "9766d52e-0e5d-4997-9c31-7f2291dcda9e",
"value": "Void Rabisu"
}
],
"version": 285