From 5d6bcf5e55e0a1047fc84bc745198f163f8d2c7c Mon Sep 17 00:00:00 2001
From: Mathieu4141 <mathieu@feedly.com>
Date: Thu, 16 Nov 2023 07:10:18 -0800
Subject: [PATCH] [threat-actors] Add FusionCore

---
 clusters/threat-actor.json | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 300d507..a18562e 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -13091,6 +13091,16 @@
       },
       "uuid": "a219a78b-7b91-41b1-bf14-91e31e0bb9da",
       "value": "DragonSpark"
+    },
+    {
+      "description": "The CYFIRMA research team has identified a new up-and-coming European threat actor group known as FusionCore. Running Malware-as-a-service, along with the hacker-for- hire operation, they have a wide variety of tools and services that are being offered on their website, making it a one-stop-shop for threat actors looking to purchase cost- effective yet customizable malware. The operators have started a ransomware affiliate program that equips the attackers with the ransomware and affiliate software to manage victims. FusionCore typically provides sellers with a detailed set of instructions for any service or product being sold, enabling individuals with minimal experience to carry out complex attacks.",
+      "meta": {
+        "refs": [
+          "https://www.cyfirma.com/?post_type=out-of-band&p=17003"
+        ]
+      },
+      "uuid": "ab376039-4ede-4dfc-a45b-c80d9d994657",
+      "value": "FusionCore"
     }
   ],
   "version": 294