MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

[threat-actors] Add IcePeony

pull/1030/head
Mathieu4141 2024-11-01 10:43:27 -07:00
parent dd4249a17c
commit 65549d89b4
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
clusters/threat-actor.json
View File

@ -17092,6 +17092,17 @@
},
"uuid": "0debc8ab-1449-4915-aa33-f6a54df2b2d7",
"value": "UAC-0215"
},
{
"description": "IcePeony is a China-nexus APT group that has been active since at least 2023, targeting government agencies, academic institutions, and political organizations in countries such as India, Mauritius, and Vietnam. They primarily employ SQL injection techniques to exploit vulnerabilities in publicly accessible web servers, subsequently installing web shells or executing malware like IceCache to facilitate credential theft. IcePeony operates under harsh work conditions, potentially adhering to the 996 working hour system, and shows a particular interest in the governments of Indian Ocean countries. Their activities suggest alignment with China's national interests, possibly related to maritime strategy.",
"meta": {
"country": "CN",
"refs": [
"https://nao-sec.org/2024/10/IcePeony-with-the-996-work-culture.html"
]
},
"uuid": "793280d5-d28c-4d4a-87b6-487ba9d9fbd1",
"value": "IcePeony"
}
],
"version": 318