mirror of https://github.com/MISP/misp-galaxy
[threat-actors] Add Void Rabisu
parent
fe77114b84
commit
537ef08735
|
@ -11959,6 +11959,40 @@
|
|||
],
|
||||
"uuid": "32eebd31-5e0f-4fb9-b478-26ff4e48aaf4",
|
||||
"value": "AtlasCross"
|
||||
},
|
||||
{
|
||||
"description": "Void Rabisu is an intrusion set associated with both financially motivated ransomware attacks and targeted campaigns on Ukraine and countries supporting Ukraine.",
|
||||
"meta": {
|
||||
"cfr-suspected-victims": [
|
||||
"Ukraine",
|
||||
"European Union"
|
||||
],
|
||||
"references": [
|
||||
"https://www.trendmicro.com/en_us/research/23/j/void-rabisu-targets-female-leaders-with-new-romcom-variant.html",
|
||||
"https://www.trendmicro.com/en_za/research/23/e/void-rabisu-s-use-of-romcom-backdoor-shows-a-growing-shift-in-th.html"
|
||||
],
|
||||
"synonyms": [
|
||||
"Tropical Scorpius"
|
||||
]
|
||||
},
|
||||
"related": [
|
||||
{
|
||||
"dest-uuid": "6d9dfc5f-4ebf-404b-ab5e-e6497867fe65",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "uses"
|
||||
},
|
||||
{
|
||||
"dest-uuid": "5f1c11d3-c6ac-4368-a801-cced88a9d93b",
|
||||
"tags": [
|
||||
"estimative-language:likelihood-probability=\"likely\""
|
||||
],
|
||||
"type": "uses"
|
||||
}
|
||||
],
|
||||
"uuid": "9766d52e-0e5d-4997-9c31-7f2291dcda9e",
|
||||
"value": "Void Rabisu"
|
||||
}
|
||||
],
|
||||
"version": 285
|
||||
|
|
Loading…
Reference in New Issue